Prosím o kontrolu logu

jaruska · Příspěvekod **jaruska** » 02 bře 2012 20:22

Zkoušela jsem hledat staré smazané foto, našla jsem program "o-o-diskrecovery". Mám HDD 160 GB, našlo mi to dost smazaných fotek, stáhla jsem si crack, abych ty fotky zkusila obnovit. Našlo jich to hodně, nevešly se na externí HDD 500 GB a PC zamrzl. To se mi stalo dvakrát, pak se počítač hodně zpomalil. o-o-diskrecovery jsem odinstalovala, rychlost PC se zlepšila, ale stále to není ono. Použila jsem CCleaner a udělala jsem defragmentaci. Mám strach, že jsem si s tím crackem stáhla nějaký "čurbes".
HP Pavilion dv5. Předem díky za radu. Jarka

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:02, on 2.3.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\BatteryCare\BatteryCare.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Opera\opera.exe
C:\Users\Pavel\Downloads\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{68D53B71-A803-4425-BC9E-E5B7F97EDC53}: NameServer = 77.48.254.254,77.48.100.254
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\aestsrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f691e717\STacSV.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--
End of file - 8260 bytes

Reklama

Příspěvekod **Žbeky** » 02 bře 2012 20:47

Co z toho vyplývá? Necrackovat...

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

jaruska · Příspěvekod **jaruska** » 02 bře 2012 21:24

S tím crackem to už vím :oops:

chtěla jsem ty fotky

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Verze databáze: v2012.03.02.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Pavel :: PAVEL-PC [administrátor]

2.3.2012 21:14:04
mbam-log-2012-03-02 (21-21-59).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 227189
Uplynulý čas: 7 minut, 23 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Žádná instrukce nebyla provedena.

(konec)

Příspěvekod **memphisto** » 03 bře 2012 00:41

- Takže spus znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

jaruska · Příspěvekod **jaruska** » 03 bře 2012 10:42

Scan z MbAM proběhl, rootkit zero access byl přesunut do karantény a úspěšně odstraněn, pak jsem spustila ComboFix. Ten napsal tu úvodní hlášku, že bude trvat 10 minut u těžce nakažených déle. Asi po osmi hodinách se PC sám vypnul. Po nastartování se mi ztratil log z MbAM. Mám znova spustit ComboFix?

Příspěvekod **jaro3** » 03 bře 2012 10:57

Zkus udělat nový sken MbAM , zda se nákaza nevrátila.

Combofix udělej znovu , v nouz. režimu , nebo v normálním ale nejprve tohle:
Stáhni si rkill
a spusť ho . Spustí se sken .Po skenu se program sám ukončí.
Pozn.: NERESTARTUJ PC !

pak CF .

jaruska · Příspěvekod **jaruska** » 03 bře 2012 19:27

Sken MbAM je v pořádku.
Rkill udělal sken (přikládám).
Combofix nejde spustit, ani v nouzovém režimu. Pokaždé skončí u hlášky o 10 minutách a dvě - tři hodiny dál nic nedělá.
Po pokusech o spuštění Combofixu se vymazala z nastavení výchozí brána a přestala fungovat čtěčka prstů.

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 03.03.2012 at 16:47:21.
Operating System: Windows Vista (TM) Home Premium

Processes terminated by Rkill or while it was running:

Rkill completed on 03.03.2012 at 16:47:34.

Příspěvekod **Žbeky** » 03 bře 2012 19:41

ÖK

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

Před OTL spusť znovu rkill a pak udělej bez restartu:
Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

jaruska · Příspěvekod **jaruska** » 03 bře 2012 20:51

OTL.Txt má více než 60000 znaků, jako přílohu to nelze přiložit - "přípona txt není povolena". Jak mám prosím log poslat?

OTL Extras logfile created on: 3.3.2012 20:33:18 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\Pavel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,03% Memory free
4,23 Gb Paging File | 3,05 Gb Available in Paging File | 72,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,31 Gb Total Space | 58,50 Gb Free Space | 41,40% Space Free | Partition Type: NTFS
Drive D: | 7,74 Gb Total Space | 1,53 Gb Free Space | 19,73% Space Free | Partition Type: NTFS

Computer Name: PAVEL-PC | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024A3BBF-1297-499D-9F58-A802177546AC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0350F257-8291-4F58-AC49-EFC07F215321}" = rport=138 | protocol=17 | dir=out | app=system |
"{10741A1B-3F2E-4739-B1B2-9E052AC50B24}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{12DC8035-2E49-4426-B95B-7DD4B3DB1B7E}" = rport=445 | protocol=6 | dir=out | app=system |
"{393DC74D-D6DC-4550-A4DE-E56EF91AE589}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4843CA8D-3C88-4C5B-9248-91DBC8BB84B4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4FCEF09F-6CC1-4F2A-B156-608C41250B74}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{52739B3F-FACC-4B5E-8FE5-94325D6B8D5A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6812A4E3-4430-4E95-B667-75115B200D78}" = lport=445 | protocol=6 | dir=in | app=system |
"{6C89EA59-46A8-44E9-AB67-789EAD84DB01}" = rport=139 | protocol=6 | dir=out | app=system |
"{796E897B-357A-4ABD-86F0-E34C7842F925}" = lport=139 | protocol=6 | dir=in | app=system |
"{7BFFFB98-135D-4A12-A612-6E2CED6D3140}" = rport=137 | protocol=17 | dir=out | app=system |
"{858B2547-AEFB-4531-B016-7E7B16F52FAC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8ADD3185-6F02-40D9-B441-3DFCA7E1D63A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8C151F33-C6B1-48F9-9AAC-731124AE6838}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A64D2D36-2EE2-4E91-A64B-0F55781E9EC3}" = lport=138 | protocol=17 | dir=in | app=system |
"{AB012F6D-DA3F-4061-9CEC-9FE12CBA5BBD}" = lport=137 | protocol=17 | dir=in | app=system |
"{BA767979-8F36-46E8-8BA7-1A9F659D3037}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D994AFC7-6AD2-453E-824B-7EC73CE14FA2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6E59608-00FF-4F16-B7BA-20B0F0E516F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E6F9A2F1-E366-476D-87CE-DAADCF18CE1E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{ED732BA5-A621-4C0B-81F0-29F79D5A6320}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{26041F4F-E7B1-40EF-8318-994123E6C969}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{2CEB423D-A298-4C19-9228-C86D9C498FD8}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{2D7BD65E-F6A3-461E-9277-8129084D82DF}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{5F5E3D3B-5A48-4D87-B137-189D5104A84B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{646E60CB-9162-4E29-8389-AC89CA4EA2EB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{77C70CA4-A6A1-496D-8122-F0DA28D4EB51}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{867C2598-CB9F-4E9D-A8AC-1ED62AB2F3D0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{AB08B07D-C649-4C08-B8B5-725852B9BC19}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{B6F1F015-4E66-485B-97EA-CB83181E1A61}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B7300E61-D513-46AB-959D-D03EDF04E320}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BA4135C3-A73D-46CB-9867-8BED80FF2738}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8B989A4-1177-4C90-940C-D3EB80EEC692}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C93D684C-66B4-496F-86BE-69171E287282}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D5AE4AED-D588-40FA-8292-74394DAA64B8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{46183D0D-6DC3-4A2C-AECC-8EC42CD56B63}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"TCP Query User{5AB832C3-E67C-4795-97C1-C894A14C979D}C:\program files\heluzkominy\firebird\bin\fbserver.exe" = protocol=6 | dir=in | app=c:\program files\heluzkominy\firebird\bin\fbserver.exe |
"TCP Query User{7795D955-A92D-4739-A364-C0E63ACD0CFF}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{7F1F245A-00A3-4545-9252-D170840C39FE}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{1201E6C9-6657-402B-85DC-6C62C7326E24}C:\program files\java\jre1.6.0_05\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0_05\bin\javaw.exe |
"UDP Query User{D48FA54A-5F12-4913-95E1-36AE8974114D}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{D566B0F6-AA36-4332-82D6-FC6CA1A8BA96}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F4E1A804-74B9-4D54-ADDA-68171B44ABF9}C:\program files\heluzkominy\firebird\bin\fbserver.exe" = protocol=17 | dir=in | app=c:\program files\heluzkominy\firebird\bin\fbserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{024D1716-9F42-0039-06E5-F4279D6C4382}" = CCC Help Russian
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{04556846-E511-3FE9-E824-3588075C8036}" = Catalyst Control Center Graphics Full Existing
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{05CD72BE-7783-AAB9-0C05-2D8DBD2DD444}" = Catalyst Control Center Localization Dutch
"{0612E132-33FF-4488-9C31-F8D485D6866D}" = Catalyst Control Center Graphics Light
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A8A2A22-958C-4625-8E24-3B2250749EB2}" = STORMWARE POHODA CZ Standard
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B3DB1B2-404C-AAA8-B32E-E65520EDE74D}" = CCC Help Polish
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{10504622-2818-C312-55CC-A72D36A31DBC}" = CCC Help Swedish
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{280235E3-D1FB-408A-A1D5-C77BA584FBBA}" = BlService Web Update
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{2A34320A-56F9-9C4F-D325-77AC8A54C8B6}" = Catalyst Control Center Localization Japanese
"{2C9FF444-79C0-C0C4-7B21-0E77C872AF53}" = CCC Help Danish
"{2CA3E0A5-9281-6E67-1843-A6CC0B00BD74}" = Catalyst Control Center Localization French
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{31775690-0E29-2AB1-75DE-C406152CBD1D}" = Catalyst Control Center Localization Chinese Standard
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3466C4D1-508A-0E36-EB05-2E53766F27E0}" = CCC Help Italian
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{38DCD6F5-C4DC-25E5-C113-0A909558FC2C}" = CCC Help Norwegian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FA160E2-066B-8D77-FCF4-F001F236E8E7}" = CCC Help Spanish
"{3FA93E4C-CB3B-4B25-B091-9DB0FCC56A74}" = Catalyst Control Center - Branding
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41313863-5170-4D7E-AD60-3CDF4DEBA81F}" = Nokia PC Suite
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{431CED44-A6D3-4E4A-2B76-04D1A861FCCE}" = Catalyst Control Center Localization Swedish
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{475144D0-A4D6-C553-42B5-7BB60FCEF9EC}" = Catalyst Control Center Localization German
"{49BA6327-744C-3D20-16DB-6E98BF66D0FD}" = Catalyst Control Center Localization Danish
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{4B4D411D-E363-7E6B-68C3-C8E2EF02B7C6}" = CCC Help Chinese Traditional
"{4BFA6EEB-AAED-4334-8E98-A907DE4DD5CF}" = AMD Driver Support for HP 3D DriverGuard
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{50DB0F17-4180-31F7-F26B-B40CBA8BA6E0}" = CCC Help German
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{5396C246-53B5-4BBA-62DC-8308C7357EFE}" = Catalyst Control Center Localization Polish
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{54CAEF60-0258-2D8E-F01F-24BC689EA8A9}" = Catalyst Control Center Localization Portuguese
"{560BB29B-41C5-88E4-4847-B4B1DDB47B9B}" = Catalyst Control Center Localization Czech
"{567E8236-C414-4888-8211-3D61608D57AE}" = Validity Sensors software
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{59748B12-406B-7EA4-355D-3BBD62E97C69}" = Catalyst Control Center Localization Turkish
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B4E5823-7265-9A19-A871-36E75824F7BE}" = CCC Help French
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EBC76DA-573E-7D96-A6F8-F4B9DE97A15F}" = Catalyst Control Center Localization Greek
"{623AD94E-1621-5AA1-BD6D-0EF08C9D7851}" = Catalyst Control Center Core Implementation
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DBCFFF6-2A7B-4AE4-8FC8-1216442E2814}" = CCC Help Korean
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FCBD7F7-6A29-089F-E5DB-E33EFCF306CD}" = Catalyst Control Center Localization Spanish
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{762D9F20-593B-436E-CAC3-B3D9F4DA7A90}" = Catalyst Control Center Localization Chinese Traditional
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A10B7C7-F7E6-4DD8-9677-4EC9B8DF3249}_is1" = Ciko-kalk
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7EBE7312-888F-4CFB-BD60-894D8B8B2520}" = PowerArchiver 2010 Czech
"{80C2AD19-97A2-C829-38DE-5FD5B47F122B}" = ATI Catalyst Install Manager
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8436F8D7-AA62-83DA-3BC5-E04871BF5F61}" = CCC Help Portuguese
"{84F40C39-1E61-B3A7-833A-3A376AB53394}" = CCC Help Japanese
"{85155187-3BEF-47B4-A662-346FEABF67A6}" = ProtectSmart Hard Drive Protection
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DB57826-2EAB-47E7-9E18-355ADD75BDC4}_is1" = Zálohování dat programu Diář 1.0
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FB846BB-9C41-46D9-8247-6936FE4DEDD2}" = STORMWARE POHODA CZ Standard
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_PRJPRO_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PRJPRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_PRJPRO_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_PRJPRO_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0405-0000-0000000FF1CE}" = Microsoft Office Project MUI (Czech) 2007
"{90120000-00B4-0405-0000-0000000FF1CE}_PRJPRO_{D7A05170-CE64-4434-B5A2-9561DB4BE328}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931FB38C-D5D4-4DBD-3723-50140A67F276}" = CCC Help Turkish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{96A959C9-51E1-C920-A9FA-269BB462A940}" = CCC Help Czech
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A102E7E3-2A4E-F509-3EF6-019F45C83196}" = CCC Help Dutch
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A57222BD-51E3-7765-A008-9B6428402A59}" = CCC Help Hungarian
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8ACD338-255C-B53D-7F19-ED7293B291E8}" = Catalyst Control Center Localization Norwegian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB61E316-F10B-43eb-B47F-42095835F9CC}" = C3100
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-1029-4770-7760-000000000004}_950" = Adobe Acrobat 9.5.0 - CPSID_83708
"{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}" = Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Czech
"{AC853A11-2047-4AAE-9EF1-9084C5B35926}" = KalkulacniProgram
"{AE72E414-0935-4AC8-B7D6-12E3039BEC13}" = DigitalPersona Personal 3.0.1
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BD41A0CF-79B4-98D8-B9B9-3DE8BEC8A861}" = Catalyst Control Center Localization Finnish
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4B2636B-D76D-7C23-3010-99E96693F0B5}" = Catalyst Control Center Graphics Previews Vista
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C6A6036D-FBD0-4324-BEAA-C0845257160C}_is1" = BatteryCare 0.9.8.10
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C9E9386A-7E81-796A-3465-8471A239A8A0}" = CCC Help Chinese Standard
"{CA4498C8-5146-E527-27A7-1B4F81C9BF05}" = CCC Help Thai
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB24A9E5-A068-43DD-88D0-B51BED3C0B99}" = Nokia Suite
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DEC3A80C-49D3-2885-2A03-3FBA61A5D40F}" = Catalyst Control Center Localization Italian
"{DF95F1EE-9ECA-45C1-B02B-F56DDB8A3E83}" = PC Connectivity Solution
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B276B1-97D7-7AD2-548F-248A7745A1ED}" = CCC Help Greek
"{E2ADC6FA-4233-54E6-29EC-E60EAD096A50}" = Catalyst Control Center Localization Hungarian
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E3EA025D-29A0-530C-9CA7-DBB5C49BB6DB}" = Skins
"{E96FFA19-E94B-D32B-E103-E78A0877245A}" = Catalyst Control Center Localization Thai
"{EAE4AD65-89F2-3DE8-DF46-CCB34393CAA0}" = Catalyst Control Center Localization Russian
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EE3D717C-D93F-2A2B-F641-F59F48E11895}" = ccc-utility
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F447BD4C-65C3-A6D9-8A5F-5E822E32E1BC}" = Catalyst Control Center Localization Korean
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F48FEA7A-2B87-8270-927C-20A0E7E5EBC2}" = CCC Help English
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCC92CBC-F520-A906-C002-9A6236308916}" = Catalyst Control Center Graphics Full New
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEC99680-66C4-C8C7-084B-2FB1B257777C}" = CCC Help Finnish
"{FEEDAB32-F937-8319-D3F1-FFFC98C2111E}" = ccc-core-static
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anti-Twin 2011-03-06 18.44.17" = Anti-Twin (Installation 6.3.2011)
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CloneCD" = CloneCD
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.15
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"Diář 5_is1" = Diář 5.5
"DVD Shrink_is1" = DVD Shrink 3.2
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.

"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FSCZ_is1" = FORM studio
"HD Tune_is1" = HD Tune 2.55
"HeluzKominy_is1" = Heluz - komínové systémy 4.1.0.0
"Hlídám si" = Hlídám si verze 3.0
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ImgBurn" = ImgBurn
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"JDownloader" = JDownloader
"Jigs@w Puzzle" = Jigs@w Puzzle
"Kalkulace nové komíny_is1" = Kalkulace nové komíny 1.3.2011 (verze 1.3.2011)
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.60.1.1000
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 8.0.1 (x86 cs)" = Mozilla Firefox 8.0.1 (x86 cs)
"Nokia PC Suite" = Nokia PC Suite
"Nokia Suite" = Nokia Suite
"Opera 11.61.1250" = Opera 11.61
"Picasa 3" = Picasa 3
"Podnikový a domácí právník 8.3_is1" = Podnikový a domácí právník 8.3
"Print Envelope_is1" = Print Envelope 1.0.0.1
"PRJPRO" = Microsoft Office Project Professional 2007
"Psaní všemi deseti_is1" = Psaní všemi deseti 1.5
"Recuva" = Recuva
"Regino_is1" = Regino v5.0
"RTS Stavitel_is1" = RTS Stavitel+ 2010
"RTS Stavitel+ 2011_is1" = RTS Stavitel+ 2011
"SAPIENS" = SAPIENS
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SolSuite_is1" = SolSuite 2010 v10.0
"SpeedFan" = SpeedFan (remove only)
"STORMWARE PDF Printer_is1" = STORMWARE PDF Printer 5.0.0.614
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"WhoCrashed_is1" = WhoCrashed 3.02
"WinDjView" = WinDjView 1.0.3
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"24h Analog Clock" = 24h Analog Clock
"ccc803c5aec72751" = INFOTEXT
"Google Chrome" = Google Chrome
"Spirograph" = Spirograph

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 3.3.2012 15:09:06 | Computer Name = Pavel-PC | Source = Windows Search Service | ID = 3013
Description =

[ OSession Events ]
Error - 27.1.2012 0:55:27 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 177
seconds with 120 seconds of active time. This session ended with a crash.

Error - 27.1.2012 0:55:48 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 27.1.2012 1:11:20 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 921
seconds with 540 seconds of active time. This session ended with a crash.

Error - 27.1.2012 2:09:10 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 165
seconds with 120 seconds of active time. This session ended with a crash.

Error - 7.2.2012 15:03:20 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 146
seconds with 120 seconds of active time. This session ended with a crash.

Error - 7.2.2012 15:03:32 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7.2.2012 15:12:21 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.2.2012 8:16:07 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 2471
seconds with 1560 seconds of active time. This session ended with a crash.

Error - 15.2.2012 2:26:51 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 372
seconds with 360 seconds of active time. This session ended with a crash.

Error - 24.2.2012 2:07:53 | Computer Name = Pavel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3933
seconds with 3000 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3.3.2012 11:24:39 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3.3.2012 11:24:39 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3.3.2012 11:24:39 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3.3.2012 11:29:05 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3.3.2012 11:29:05 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3.3.2012 11:29:05 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3.3.2012 11:30:56 | Computer Name = Pavel-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 3.3.2012 11:53:14 | Computer Name = Pavel-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 3.3.2012 15:12:11 | Computer Name = Pavel-PC | Source = Microsoft Antimalware | ID = 1119
Description = %%860 - byla zjištěna kritická chyba při provádění akce s malwarem
nebo jiným potenciálně nežádoucím softwarem. Další informace naleznete v následujících
položkách: http://go.microsoft.com/fwlink/?linkid= ... 2147625310

Název:
TrojanDropper:Win32/Dunik!rts ID: 2147625310 Závažnost: Vysoké Kategorie: Trojský
program rozesílající soubory Cesta: file:_C:\Users\Pavel\AppData\Local\Opera\Opera\cache\g_000D\opr001D3.tmp

Původ
detekce: %%845 Typ detekce: %%822 Zdroj detekce: %%818 Uživatel: Pavel-PC\Pavel Název
procesu: C:\Program Files\Opera\opera.exe Akce: %%809 Stav akce: No additional actions
required Kód chyby: 0x80070490 Popis chyby: Prvek nebyl nalezen. Verze podpisu: AV:
1.121.794.0, AS: 1.121.794.0, NIS: 0.0.0.0 Verze stroje: AM: 1.1.8101.0, NIS: 0.0.0.0

Error - 3.3.2012 15:14:25 | Computer Name = Pavel-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 – došlo k chybě při pokusu o aktualizaci podpisů. Nová verze
podpisu: Předchozí verze podpisu: 1.121.794.0 Zdroj aktualizace: %%859 Fáze aktualizace:
%%852 Zdrojová cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace:
%%803 Uživatel: NT AUTHORITY\SYSTEM Aktuální verze stroje: Předchozí verze stroje:
1.1.8101.0 Kód chyby: 0x80096001 Popis chyby: Během ověřování důvěryhodnosti došlo
k chybě na úrovni systému.

< End of report >

Příspěvekod **Žbeky** » 04 bře 2012 08:59

Rozděl to na víc příspěvků

jaruska · Příspěvekod **jaruska** » 04 bře 2012 12:00

Omlouvám se, to mě netrklo

OTL logfile created on: 3.3.2012 20:33:18 - Run 1
OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\Pavel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,03% Memory free
4,23 Gb Paging File | 3,05 Gb Available in Paging File | 72,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141,31 Gb Total Space | 58,50 Gb Free Space | 41,40% Space Free | Partition Type: NTFS
Drive D: | 7,74 Gb Total Space | 1,53 Gb Free Space | 19,73% Space Free | Partition Type: NTFS

Computer Name: PAVEL-PC | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Pavel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\BatteryCare\BatteryCare.exe (Filipe Lourenço)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\conime.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SMINST\BLService.exe ()
PRC - C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
PRC - C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe (Andrea Electronics Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll ()
MOD - C:\WINDOWS\System32\atitmmxx.dll ()

========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Recovery Service for Windows) -- C:\WINDOWS\SMINST\BLService.exe ()
SRV - (STacSV) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_f691e717\stacsv.exe (IDT, Inc.)
SRV - (vfsFPService) -- C:\WINDOWS\System32\vfsFPService.exe (Validity Sensors, Inc.)
SRV - (DpHost) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (AESTFilters) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_f691e717\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- File not found
DRV - (NwlnkFlt) -- File not found
DRV - (IpInIp) -- File not found
DRV - (catchme) -- File not found
DRV - (ay22qd1p) -- File not found
DRV - (ALSysIO) -- File not found
DRV - (truecrypt) -- C:\WINDOWS\System32\drivers\truecrypt.sys (TrueCrypt Foundation)
DRV - (MBAMProtector) -- C:\WINDOWS\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (NisDrv) -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\WINDOWS\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Almico Software)
DRV - (NPF) -- C:\WINDOWS\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (athr) -- C:\WINDOWS\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (cpuz132) -- C:\WINDOWS\System32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (WDC_SAM) -- C:\WINDOWS\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (pccsmcfd) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (WinRing0_1_2_0) -- C:\Program Files\BatteryCare\WinRing0.sys (OpenLibSys.org)
DRV - (STHDA) -- C:\WINDOWS\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (ahcix86s) -- C:\Windows\system32\DRIVERS\ahcix86s.sys (AMD Technologies Inc.)
DRV - (RTL8169) -- C:\WINDOWS\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (JMCR) -- C:\WINDOWS\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (atikmdag) -- C:\WINDOWS\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\WINDOWS\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (vfs101x) -- C:\WINDOWS\System32\drivers\vfs101x.sys (Validity Sensors, Inc.)
DRV - (enecir) -- C:\WINDOWS\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (Amddfltr) -- C:\Windows\system32\DRIVERS\Amddfltr.sys (Advanced Micro Devices)
DRV - (HpqRemHid) -- C:\WINDOWS\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (ElbyCDFL) -- C:\WINDOWS\System32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (NVENETFD) -- C:\WINDOWS\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{512334E3-1C32-4B49-B84A-81D53C8A311B}: "URL" = http://slirsredirect.search.aol.com/sli ... 632&query={searchTerms}&invocationType=tb50hpcnnbie7-cs-cz
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=HQ&apn_dtid=YYYYYYYYCZ&apn_uid=F45B31CE-67CC-408F-8066-F1D02CE61D38&apn_sauid=BB214264-CFBC-491D-B709-6D85DB7A84EC
IE - HKCU\..\SearchScopes\{512334E3-1C32-4B49-B84A-81D53C8A311B}: "URL" = http://slirsredirect.search.aol.com/sli ... 632&query={searchTerms}&invocationType=tb50hpcnnbie7-cs-cz
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GZEV_csCZ446
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: 2020Player_IKEA@2020Technologies.com:5.0.7.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.740
FF - prefs.js..extensions.enabledItems: fe_3.6@nokia.com:1.7.56.205
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.23

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pavel\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2011.02.27 03:12:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_3.6@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6 [2011.11.15 16:57:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2012.01.11 19:34:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.13 20:22:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.12 13:48:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011.11.15 16:57:56 | 000,000,000 | ---D | M]

[2011.03.03 19:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions
[2011.03.03 19:37:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.03.03 19:36:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.12.13 20:22:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\odmiluok.default\extensions
[2011.07.26 13:36:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\odmiluok.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.07.21 22:34:43 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\odmiluok.default\extensions\2020Player_IKEA@2020Technologies.com
[2011.08.23 06:35:37 | 000,002,395 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\odmiluok.default\searchplugins\askcom.xml
[2011.07.15 10:53:43 | 000,002,055 | ---- | M] () -- C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\odmiluok.default\searchplugins\daemon-search.xml
[2011.12.13 20:22:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.31 22:05:13 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.13 20:22:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.11.21 05:19:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2012.01.03 08:22:01 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
[2011.11.21 02:08:07 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.11.21 02:50:48 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.11.21 02:50:48 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.11.21 02:50:48 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.11.21 02:50:48 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.11.21 02:50:48 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pavel\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pavel\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pavel\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mouse Stroke = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeaoofnhgocdbnbeljkmbjdmhbcokfdb\1.9.5.6_0\
CHR - Extension: YouTube = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Morpheon Dark - Aero = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpnbbonpgadmkipdlclghcekaklebdpi\1.2_0\
CHR - Extension: Skype Extension = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
CHR - Extension: Gmail = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011.04.24 22:58:29 | 000,001,211 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [BatteryCare] C:\Program Files\BatteryCare\BatteryCare.exe (Filipe Lourenço)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Připojit k existujícímu PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\WINDOWS\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68D53B71-A803-4425-BC9E-E5B7F97EDC53}: NameServer = 77.48.254.254,77.48.100.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

jaruska · Příspěvekod **jaruska** » 04 bře 2012 12:01

========== Files/Folders - Created Within 30 Days ==========

[2012.03.03 20:29:18 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2012.03.03 19:29:30 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{BA34B93D-5471-4028-A5F3-FF7847E04968}
[2012.03.03 19:29:19 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{4346567C-EE68-4F47-BABD-4283A115554E}
[2012.03.03 16:49:28 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012.03.03 08:44:28 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{AB868BEA-71F9-4A6F-B656-BB412376A1BE}
[2012.03.02 20:44:14 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{5DF074BD-7442-4092-AF1C-F8AAAB35B228}
[2012.03.02 20:44:03 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{A2CABE67-19AA-4543-917B-F39FE06F0E3A}
[2012.03.02 20:42:38 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\hj
[2012.03.02 06:58:09 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{FDC915BB-9CE7-4D5D-AD8E-7AB506E985C9}
[2012.03.02 06:57:58 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{7D6226AE-419B-4174-A66B-CFDE9F9E6B3D}
[2012.03.01 18:57:31 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{E29BBD28-D7FD-47E9-B547-1C9972D31F4B}
[2012.03.01 18:57:19 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{7FEF3781-70AE-4D77-9122-4C87B12B0310}
[2012.03.01 14:00:27 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Documents\recu
[2012.03.01 06:26:30 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{60246203-E202-45EE-8A56-CCF00736166A}
[2012.03.01 06:26:19 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{0D089E07-2300-4BE8-9180-BF41138972BF}
[2012.02.29 18:26:06 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{C6B6842B-356A-49F3-81F8-4FC521AA0FBA}
[2012.02.29 18:25:56 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{6C69EBB2-E732-4EEF-A9F2-B70679705924}
[2012.02.29 06:25:28 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{B80FE49E-ED34-4299-BDA3-49102AB4A273}
[2012.02.29 06:25:16 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{C5BB8ACF-C7EA-4B0D-827F-3BAA0A203CB6}
[2012.02.28 08:22:46 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{E3EB04E2-9C73-4E77-8724-079F45AF3911}
[2012.02.28 08:22:35 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{63C25B11-CC37-426E-8500-36ED82FA4F7E}
[2012.02.27 18:41:38 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{48B744AB-5666-47B5-871F-CB74B079F68D}
[2012.02.27 18:41:28 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{B6C1FED8-6BB4-4327-94BC-8C0EAB341E9E}
[2012.02.27 06:41:01 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{8F1615BC-8A60-4546-9436-10F048A9B2D7}
[2012.02.27 06:40:50 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{D9ADE3A9-013A-4982-8DC7-89DF08B7BD8F}
[2012.02.26 17:08:32 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{630F00AB-BE21-43C6-B20F-E3B547C581C4}
[2012.02.26 17:08:21 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{E2F12C4E-38AB-401D-A1C0-9F4450FC72D1}
[2012.02.26 15:52:59 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.02.26 15:39:37 | 000,000,000 | -HSD | C] -- C:\Users\Pavel\AppData\Local\6fd4b17e
[2012.02.26 08:48:36 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{A5797B60-AEAC-4805-A971-BB8CC7997550}
[2012.02.26 08:48:25 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{D72583BE-A44C-46D0-B86D-8EAF4CCADCFE}
[2012.02.26 06:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys(1)
[2012.02.25 20:47:57 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{A9B8C2EF-2710-4C17-BBA8-C3887A35B599}
[2012.02.25 20:47:47 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{911DE75B-803E-4CE9-A84F-909D5A15989B}
[2012.02.25 10:29:13 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Documents\Bluetooth Exchange Folder
[2012.02.25 10:12:08 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\PeerNetworking
[2012.02.25 06:54:58 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{646669E3-2BBA-410F-A5E4-1FE01AAC45F6}
[2012.02.25 06:54:42 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{8874E827-83C2-4776-A929-AD2CFB4F73D8}
[2012.02.24 11:07:01 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{A189E901-F219-43A6-8941-D2A135DD534D}
[2012.02.24 11:06:50 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{45603B14-68FE-4F13-BD68-E033C959444E}
[2012.02.23 06:04:30 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{960EAE33-C787-4CC7-AB05-4F3F0FAA4F51}
[2012.02.23 06:04:17 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{B86F6C0B-F240-4D9F-AD0B-C1A0C80D5E2B}
[2012.02.23 06:03:20 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2012.02.23 06:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2012.02.23 05:53:49 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012.02.23 05:53:49 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012.02.23 05:53:48 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012.02.23 05:53:01 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012.02.22 17:05:20 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{A5C021F1-3474-4163-9D23-61923318B65B}
[2012.02.22 17:05:06 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{47B299C6-FC68-4064-A9FF-E8C316DCEA31}
[2012.02.22 04:54:25 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{C5B3873D-E038-4055-AE1C-FAACD045D169}
[2012.02.22 04:54:13 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{8320FDBA-7410-4B14-9BCE-323A57945315}
[2012.02.21 08:03:15 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{3ED4130C-F75F-4DC0-8EC9-27437C4BAA22}
[2012.02.21 08:03:03 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{92C2AFFD-EC61-4860-A2ED-B3593899BDE3}
[2012.02.20 12:06:05 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{3F82BC81-388A-43B1-A1E0-352478D9757B}
[2012.02.20 12:05:54 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{5B5D4159-7D50-43C3-89B0-FA036E3797A6}
[2012.02.19 20:19:41 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{B9FB6702-FE90-4028-8D6D-E8B345F09D81}
[2012.02.19 20:19:31 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{767A234B-F00C-4F1B-AE26-1E0B680B9823}
[2012.02.19 13:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.02.19 08:19:18 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{9B5CB62B-6A8B-4971-8774-A770FAD8DD71}
[2012.02.19 08:19:07 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{C35B6800-D036-476C-BE8F-A0C673F4DF3D}
[2012.02.18 12:24:50 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{65D2A6B0-DE5B-4A9F-9BE4-2C817D55DAE5}
[2012.02.18 12:24:39 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{25CEC230-045F-42A8-BDA3-E57A1EE5DB7C}
[2012.02.18 00:24:12 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{6F75C112-B725-4FB7-902D-19D9DA29D5B9}
[2012.02.18 00:24:01 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{5AD719EA-4668-4C91-B872-B0A7281502BC}
[2012.02.17 09:23:15 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{6B73B974-750F-4417-AF17-9FDA0CC183FE}
[2012.02.17 09:23:05 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{62455961-818A-4427-974D-25AF443836EB}
[2012.02.16 10:45:51 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{CDDA935F-066A-479E-9AC6-9176AF7EEE71}
[2012.02.16 10:45:40 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{09692F2B-DD21-46A5-BB89-259779006FB4}
[2012.02.15 23:03:15 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.15 23:03:12 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.15 23:03:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.15 23:03:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.15 23:03:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.15 23:03:07 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.15 19:04:18 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{C2B93CAE-EC34-45CB-8655-2940C69D1FA0}
[2012.02.15 19:04:06 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{8EFC7019-0A0A-4AE8-A6F3-44FF804E86EB}
[2012.02.15 11:44:34 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.15 07:03:55 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{BCFCB235-2D0D-43BE-8D73-7574FD7A4AEE}
[2012.02.15 07:03:44 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{3F9A9B88-DBBB-49EA-81B4-9D3EC0D051CF}
[2012.02.14 19:03:19 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{BBD2FFC1-40C0-4428-AC31-86E18737EFC8}
[2012.02.14 19:03:08 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{30E5239C-32AA-4C76-B97C-FFFB0BA5E03E}
[2012.02.14 07:02:43 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{9033C297-F740-42C8-862B-E294BCB25602}
[2012.02.14 07:02:32 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{69E8F162-192B-4DA1-84EB-3141A0C1458B}
[2012.02.13 16:18:20 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{6A7BCC4A-2B80-45B6-8443-EB8053D2B28D}
[2012.02.13 16:18:08 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{3A72C56E-8F0D-4894-BF43-3B3B98447098}
[2012.02.13 07:55:21 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{E18A9741-5793-4B4E-8022-E94FAFA331A5}
[2012.02.13 07:55:09 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{7C510711-FC78-4F94-87DF-F7E68084808D}
[2012.02.12 10:50:47 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{F1F5BB94-359F-4477-8D48-040253FBB1B9}
[2012.02.12 10:50:36 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{98E1F4F6-05A7-463E-A430-A1C54093F00D}
[2012.02.11 07:46:31 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{A4B0CF9D-A5B3-4EFC-B683-11A61E996D32}
[2012.02.11 07:46:21 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{BC450099-1197-49F4-B74A-811474D65DF9}
[2012.02.10 19:45:55 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{F6C3CD53-156A-4EFA-A6E3-1385869AA500}
[2012.02.10 19:45:44 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{623D8503-D4AE-44CA-B38C-E8535A91BB5B}
[2012.02.10 16:05:38 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\TrueCrypt
[2012.02.10 16:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2012.02.10 16:02:37 | 000,231,760 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2012.02.10 16:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2012.02.10 06:00:03 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{C4720592-E523-4F02-8F97-DE6C51141164}
[2012.02.10 05:59:52 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{2F3EA626-A7DD-4A5C-AF5C-801DA2B716D2}
[2012.02.09 17:59:25 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{9D3A2F72-72A8-4A7C-8BB8-552ECDB82B04}
[2012.02.09 17:59:15 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{12BBC18F-C489-4226-B7AB-0210CFAFCCB9}
[2012.02.09 08:58:03 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.02.08 19:48:21 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{AB590C1B-A2DE-4CEF-ADE5-B00EDBBD87D3}
[2012.02.08 19:48:10 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{EF9811F2-7833-41C3-A4D7-3E8CA48244D0}
[2012.02.08 07:19:51 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{1D7DD209-7822-4983-A140-C5A7CD71C3DE}
[2012.02.08 07:19:40 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{98FBB903-39FA-4795-B7E8-DAE3BC461BD6}
[2012.02.08 05:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012.02.08 04:54:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012.02.07 13:05:06 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{31630DF1-D800-4402-A7C1-0A9240CC4D8F}
[2012.02.07 13:04:56 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{00A74554-13DC-4F0A-9BD8-96B81441A19F}
[2012.02.06 22:43:38 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2012.02.06 22:31:42 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.06 22:31:41 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.06 22:31:40 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.06 22:31:40 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.06 22:31:39 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.06 22:31:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.06 22:31:38 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.06 22:31:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.06 22:31:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.06 22:31:37 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.06 22:31:37 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.06 22:31:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.06 22:31:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.06 22:31:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.06 22:31:36 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.06 22:31:36 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.06 22:31:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.06 22:31:35 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.06 22:31:35 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.06 22:31:35 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.06 22:31:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.06 22:31:32 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.06 22:31:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.06 22:31:32 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.06 22:31:32 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.06 22:31:32 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.06 22:31:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.06 22:31:31 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.06 22:31:31 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.06 22:31:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.06 22:31:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.06 22:24:56 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{F8492A4F-7CF3-4D3F-86B4-34F19F2A8131}
[2012.02.06 22:24:44 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{24E3F626-F90C-4DEF-8FC9-795A5A0A89AD}
[2012.02.06 05:19:43 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{1A64A377-012A-4664-9184-13A1569E1D4F}
[2012.02.06 05:19:32 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{9DBA71EF-606E-4EE6-BD5A-5B2691ECBC7F}
[2012.02.05 12:19:48 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{39AB1633-CA14-4E99-9164-61217B5F9102}
[2012.02.05 12:19:37 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{FEF6CCAC-8D4F-4FFC-8700-BCC7154B1CF1}
[2012.02.04 11:53:52 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{E786E943-AEB9-4EFF-A27E-F55006A222A8}
[2012.02.04 11:53:40 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{F33872F9-BDF4-468F-BE2F-8FF0FA84E3CB}
[2012.02.03 08:43:49 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{54862B81-6752-4DC7-9E12-6761A4B4F827}
[2012.02.03 08:43:37 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\{362BB96A-AA5E-4268-9B76-EEEB6399711D}

========== Files - Modified Within 30 Days ==========

[2012.03.03 20:29:22 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2012.03.03 20:28:38 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.03 20:28:38 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.03 20:26:01 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2350472932-3067249167-3264205739-1000UA.job
[2012.03.03 20:14:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.03 19:25:18 | 000,000,000 | -H-- | M] () -- C:\Users\Pavel\Documents\Default.rdp
[2012.03.03 16:29:39 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.03 16:28:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.03 16:26:53 | 2143,154,176 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.03 16:25:53 | 000,007,983 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.03.03 07:26:06 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2350472932-3067249167-3264205739-1000Core.job
[2012.03.02 12:10:07 | 000,060,928 | ---- | M] () -- C:\Users\Pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.17 07:28:37 | 000,002,042 | ---- | M] () -- C:\Users\Pavel\Desktop\Google Chrome.lnk
[2012.02.15 23:27:00 | 003,727,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.15 22:26:39 | 000,596,386 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.02.15 22:26:39 | 000,114,502 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.02.10 16:02:49 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2012.02.10 16:02:37 | 000,231,760 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2012.02.08 05:24:53 | 000,001,004 | ---- | M] () -- C:\Users\Pavel\Desktop\Photoshop – zástupce.lnk
[2012.02.06 22:32:00 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.02.06 22:32:00 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.02.06 22:31:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.06 22:31:41 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.06 22:31:40 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.06 22:31:40 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.06 22:31:39 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.06 22:31:39 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.06 22:31:38 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.06 22:31:38 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.06 22:31:38 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.06 22:31:37 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.06 22:31:37 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.06 22:31:37 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.06 22:31:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.06 22:31:37 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.06 22:31:37 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.06 22:31:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.06 22:31:36 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.06 22:31:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.06 22:31:35 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.06 22:31:35 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.06 22:31:35 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.06 22:31:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.06 22:31:32 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.06 22:31:32 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.06 22:31:32 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.06 22:31:32 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.06 22:31:32 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.06 22:31:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.06 22:31:31 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.06 22:31:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.06 22:31:31 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.06 22:31:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

========== Files Created - No Company Name ==========

[2012.03.03 19:25:18 | 000,000,000 | -H-- | C] () -- C:\Users\Pavel\Documents\Default.rdp
[2012.03.03 14:30:07 | 2143,154,176 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.29 07:02:08 | 000,022,016 | ---- | C] () -- C:\Users\Pavel\01046997.xlt
[2012.02.23 06:02:57 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.02.23 06:02:14 | 000,001,227 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.02.10 16:02:49 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2012.02.08 05:24:53 | 000,001,004 | ---- | C] () -- C:\Users\Pavel\Desktop\Photoshop – zástupce.lnk
[2012.02.08 05:03:46 | 000,001,016 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk
[2012.02.08 04:59:41 | 000,000,978 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk
[2012.02.08 04:58:27 | 000,001,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk
[2012.02.08 04:56:15 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk
[2012.02.08 04:55:57 | 000,001,340 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk
[2012.02.08 04:54:38 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.02.06 22:31:37 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.11.02 07:43:23 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.08.26 04:21:52 | 000,005,606 | ---- | C] () -- C:\Users\Pavel\AppData\Local\Temp5.html
[2011.08.25 19:27:06 | 000,005,606 | ---- | C] () -- C:\Users\Pavel\AppData\Local\Temp14.html
[2011.08.25 19:18:25 | 000,001,892 | ---- | C] () -- C:\Users\Pavel\AppData\Local\Temp1.html
[2011.07.31 22:09:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.30 21:09:37 | 000,046,080 | ---- | C] () -- C:\Windows\tbuninst2.exe
[2011.04.08 18:21:01 | 000,144,574 | ---- | C] () -- C:\Windows\hpoins18.dat.temp
[2011.04.08 18:21:01 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat.temp
[2011.04.06 09:55:53 | 000,112,640 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2011.04.06 09:55:38 | 000,001,644 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.03.05 13:32:55 | 000,000,340 | ---- | C] () -- C:\Windows\Solitaire.ini
[2011.03.03 14:24:31 | 000,000,906 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.02.28 16:55:58 | 000,122,880 | ---- | C] () -- C:\Windows\System32\trc.dll
[2011.02.28 16:55:12 | 000,124,264 | R--- | C] () -- C:\Windows\System32\mp3dec.dll
[2011.02.28 16:55:12 | 000,010,600 | R--- | C] () -- C:\Windows\System32\IcdSptSvps.dll
[2011.02.28 16:55:11 | 000,081,920 | R--- | C] () -- C:\Windows\System32\dsp_trc.dll
[2011.02.27 12:02:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.02.27 12:02:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.02.26 17:28:07 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.02.26 17:27:58 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.02.26 17:27:58 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.02.26 17:27:57 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2011.02.26 17:27:55 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.02.26 09:36:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.02.26 05:39:02 | 000,144,003 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011.02.26 05:37:53 | 000,006,600 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011.02.25 18:41:26 | 000,060,928 | ---- | C] () -- C:\Users\Pavel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.25 18:31:22 | 000,000,000 | ---- | C] () -- C:\Users\Pavel\AppData\Roaming\wklnhst.dat
[2011.02.25 14:13:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.25 13:33:04 | 000,007,983 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

========== LOP Check ==========

[2012.02.13 15:34:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\.RTS
[2011.04.15 20:32:57 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\avidemux
[2012.02.25 18:31:14 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\BatteryCare
[2012.02.09 08:58:03 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.10.24 21:34:12 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DAEMON Tools Lite
[2011.02.25 15:58:07 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DigitalPersona
[2011.03.29 22:12:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\DriverCure
[2011.10.22 22:55:04 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\GHISLER
[2011.04.08 14:18:59 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Image Zone Express
[2011.07.15 06:40:53 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\ImgBurn
[2011.02.26 03:45:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Kastner software
[2012.01.11 19:12:20 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Nokia
[2011.10.24 20:56:51 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Nokia Ovi Suite
[2012.01.11 19:12:22 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Nokia Suite
[2011.10.29 13:15:12 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\OpenCandy
[2012.01.23 18:33:12 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\OpenOffice.org
[2011.02.27 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Opera
[2011.10.27 22:08:06 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\PC Suite
[2012.02.25 10:12:08 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\PeerNetworking
[2011.03.20 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Printer Info Cache
[2011.12.24 16:54:55 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\SolSuite
[2011.03.03 14:05:46 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\STORMWARE
[2011.02.25 18:31:21 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Template
[2011.04.25 17:10:02 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Thunderbird
[2012.02.10 16:07:49 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TrueCrypt
[2011.10.29 13:20:15 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Uniblue
[2011.09.13 11:56:05 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Windows Live Writer
[2011.03.20 13:40:26 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\XnView
[2011.05.24 12:47:58 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Zoner
[2012.03.03 16:25:54 | 000,032,626 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\WINDOWS:30664EC915B01A92

< End of report >

Prosím o kontrolu logu Vyřešeno

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online