ComboFix 13-02-26.01 - pokus 28.02.2013 20:02:25.9.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.688 [GMT 1:00]
Spuštěný z: c:\documents and settings\pokus\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pokus\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA"
"c:\documents and settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-28 do 2013-02-28 )))))))))))))))))))))))))))))))
.
.
2013-02-28 16:28 . 2007-06-04 00:01 32768 ----a-w- c:\windows\V0470Mon.exe
2013-02-28 16:28 . 2007-04-20 00:00 24576 ----a-w- c:\windows\V0470Cfg.exe
2013-02-28 16:28 . 2007-04-04 00:00 155648 ----a-w- c:\windows\system32\V0470Cvw.crl
2013-02-28 16:28 . 2007-06-04 00:01 266240 ----a-w- c:\windows\system32\V0470Cvw.dll
2013-02-28 16:28 . 2007-04-12 00:00 94208 ----a-w- c:\windows\system32\V0470Ext.ax
2013-02-28 16:28 . 2007-04-04 00:00 20480 ----a-w- c:\windows\system32\V0470Ext.crl
2013-02-28 16:28 . 2007-04-21 00:00 36864 ----a-w- c:\windows\system32\V0470Pin.dll
2013-02-28 16:28 . 2007-04-22 00:00 28672 ----a-w- c:\windows\system32\V0470Hwx.dll
2013-02-28 16:28 . 2005-07-07 00:07 36864 ----a-w- c:\windows\system32\CtCamMgr.dll
2013-02-28 16:28 . 2004-07-06 00:00 24576 ----a-w- c:\windows\system32\CtCamPin.crl
2013-02-28 16:28 . 2007-05-09 00:00 146720 ----a-w- c:\windows\system32\drivers\V0470Vid.sys
2013-02-28 16:28 . 2013-02-28 16:28 -------- d-----w- c:\windows\CtDrvInstall
2013-02-28 16:22 . 2013-02-28 16:22 -------- d-----w- C:\Live! Cam
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\documents and settings\pokus\Data aplikací\DSite
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\documents and settings\pokus\Data aplikací\Babylon
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2013-02-28 10:37 . 2013-02-28 10:37 -------- d-----w- c:\program files\VideoConverter
2013-02-22 10:12 . 2013-02-22 10:19 -------- d-----w- c:\program files\CrystalDiskInfo
2013-02-21 09:40 . 2013-02-21 09:40 -------- d-----w- c:\program files\Common Files\Skype
2013-02-18 13:09 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-02-17 00:47 . 2013-02-19 06:38 -------- d-----w- c:\program files\Railroad Tycoon 3 Demo
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\pokus\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-02-12 14:54 . 2013-02-12 14:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-12 14:54 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-12 13:35 . 2013-02-12 13:35 50688 ----a-w- c:\program files\ATF-Cleaner.exe
2013-02-11 19:08 . 2013-02-11 19:08 388096 ----a-r- c:\documents and settings\pokus\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-11 19:08 . 2013-02-11 19:08 -------- d-----w- c:\program files\Trend Micro
2013-02-11 16:58 . 2012-10-30 22:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-02-11 16:58 . 2012-10-30 22:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-02-11 16:58 . 2012-10-30 22:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-02-11 16:58 . 2012-10-30 22:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-02-11 16:58 . 2012-10-30 22:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-02-11 16:58 . 2012-10-30 22:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2013-02-11 16:58 . 2012-10-30 22:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2013-02-11 16:58 . 2012-10-30 22:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2013-02-11 16:57 . 2012-10-30 22:51 41224 ----a-w- c:\windows\avastSS.scr
2013-02-11 16:57 . 2012-10-30 22:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\program files\AVAST Software
2013-02-11 16:56 . 2013-02-11 16:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2013-02-11 12:09 . 2001-10-25 14:00 138752 -c--a-w- c:\windows\system32\dllcache\sndvol32.exe
2013-02-11 12:09 . 2001-10-25 14:00 138752 ----a-w- c:\windows\system32\sndvol32.exe
2013-02-10 08:31 . 2008-02-18 16:14 106624 ----a-w- c:\windows\system32\drivers\Gt51Ip.sys
2013-02-10 08:31 . 2008-02-08 12:00 59648 ----a-w- c:\windows\system32\drivers\gt72ubus.sys
2013-02-10 08:31 . 2007-03-30 12:38 8064 ----a-w- c:\windows\system32\drivers\gtptser.sys
2013-02-10 08:31 . 2013-02-10 08:31 -------- d-----w- c:\program files\Option
2013-02-10 08:30 . 2013-02-10 08:30 -------- d-----w- c:\program files\Emotum
2013-02-09 17:10 . 2013-02-10 08:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Emotum
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 21:24 . 2012-04-18 04:45 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-26 21:24 . 2012-02-07 09:41 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-30 10:53 . 2011-11-20 16:54 232336 ------w- c:\windows\system32\MpSigStub.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2011-09-12 . 427E6DED3A2369D3432A683EB489EE14 . 502272 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\winlogon.exe
[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\ERDNT\cache\winlogon.exe
.
[-] 2008-09-30 . 07DE423FB70EBAC5136677E3956FDBC3 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\ff65d7285a0ac7b11c922fdff2c799a3\sfcfiles.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-12-23 26624]
"Emotum Mobile Broadband"="c:\program files\Emotum\Mobile Broadband\Mobile.exe" [2009-05-14 348968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-09-30 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-09-30 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-09-30 138008]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2008-09-30 102400]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2007-07-04 475136]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-06-04 32768]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^pokus^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\pokus\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
2007-03-02 10:25 208896 -c--a-w- c:\program files\Acer\Empowering Technology\ePresentation\ePresentation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
2006-03-15 21:12 579584 -c--a-w- c:\program files\Acer\Empowering Technology\ePower\Boot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-03-28 21:11 3325952 -c--a-w- c:\program files\Electronic Arts\EADM\Core.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
2007-07-04 10:44 475136 ----a-w- c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2007-10-17 09:59 858632 ----a-w- c:\progra~1\LAUNCH~1\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 -c--a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 16:04 2879488 -c--a-w- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\BitLord_1.01.ex\\BitLord.exe"=
"c:\\Documents and Settings\\pokus\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:Remote Desktop
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11.2.2013 17:58 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.2.2013 17:58 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.2.2013 17:58 21256]
R2 GTDetectSc;GtDetectSc Service;c:\program files\Option\Option 225 Driver Installation\GtDetectSc.exe [18.12.2007 12:48 196704]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [10.2.2013 9:31 106624]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [10.2.2013 9:31 59648]
R3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\system32\drivers\V0470Vid.sys [28.2.2013 17:28 146720]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12.2.2013 15:54 682344]
S3 FlashUSB;FlashUSB;c:\windows\system32\drivers\FlashUSB.sys [27.4.2011 10:03 16896]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12.2.2013 15:54 21104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.11.2008 5:48 717296]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-18 21:24]
.
2013-02-28 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-02-11 22:50]
.
2013-02-28 c:\windows\Tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 195.54.122.221 195.54.122.211
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-28 20:13
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1076)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(2972)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\TrnOEH.dll
c:\program files\Acer\Empowering Technology\ePower\SysHook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2013-02-28 20:19:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-28 19:19
ComboFix2.txt 2013-02-28 12:45
.
Před spuštěním: Volných bajtů: 12 050 948 096
Po spuštění: Volných bajtů: 12 029 571 072
.
- - End Of File - - 4B66BD6C5AA8CFA08ACF415F7FBD686E
prosim o kontrolu logu, pls .. dekuji + Vyřešeno
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu, pls .. dekuji
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na OK. Po aktualizaci klikni na „Scan“ . Sken s databází Avastu trvá déle.
Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na OK. Po aktualizaci klikni na „Scan“ . Sken s databází Avastu trvá déle.
Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: prosim o kontrolu logu, pls .. dekuji
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-03 13:52:24
-----------------------------
13:52:24.718 OS Version: Windows 5.1.2600 Service Pack 2
13:52:24.718 Number of processors: 1 586 0x1601
13:52:24.718 ComputerName: APOLLO-NOTE UserName: pokus
13:52:26.296 Initialize success
13:52:28.687 AVAST engine defs: 13030300
13:52:36.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
13:52:36.859 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
13:52:36.890 Disk 0 MBR read successfully
13:52:36.890 Disk 0 MBR scan
13:52:37.718 Disk 0 Windows XP default MBR code
13:52:37.734 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
13:52:38.046 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
13:52:38.640 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
13:52:38.875 Disk 0 scanning sectors +156296385
13:52:39.296 Disk 0 scanning C:\WINDOWS\system32\drivers
13:52:56.578 Service scanning
13:53:16.296 Modules scanning
13:53:29.296 Disk 0 trace - called modules:
13:53:29.656 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:53:29.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873151b8]
13:53:29.671 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\00000090[0x87363a98]
13:53:29.671 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x87365940]
13:53:29.921 AVAST engine scan C:\WINDOWS
13:53:38.093 AVAST engine scan C:\WINDOWS\system32
13:55:43.328 AVAST engine scan C:\WINDOWS\system32\drivers
13:55:56.062 AVAST engine scan C:\Documents and Settings\pokus
13:58:48.593 AVAST engine scan C:\Documents and Settings\All Users
13:58:49.984 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
13:58:50.046 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
13:59:34.750 Scan finished successfully
14:01:07.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
14:01:07.250 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
Run date: 2013-03-03 13:52:24
-----------------------------
13:52:24.718 OS Version: Windows 5.1.2600 Service Pack 2
13:52:24.718 Number of processors: 1 586 0x1601
13:52:24.718 ComputerName: APOLLO-NOTE UserName: pokus
13:52:26.296 Initialize success
13:52:28.687 AVAST engine defs: 13030300
13:52:36.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
13:52:36.859 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
13:52:36.890 Disk 0 MBR read successfully
13:52:36.890 Disk 0 MBR scan
13:52:37.718 Disk 0 Windows XP default MBR code
13:52:37.734 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
13:52:38.046 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
13:52:38.640 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
13:52:38.875 Disk 0 scanning sectors +156296385
13:52:39.296 Disk 0 scanning C:\WINDOWS\system32\drivers
13:52:56.578 Service scanning
13:53:16.296 Modules scanning
13:53:29.296 Disk 0 trace - called modules:
13:53:29.656 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:53:29.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873151b8]
13:53:29.671 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\00000090[0x87363a98]
13:53:29.671 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x87365940]
13:53:29.921 AVAST engine scan C:\WINDOWS
13:53:38.093 AVAST engine scan C:\WINDOWS\system32
13:55:43.328 AVAST engine scan C:\WINDOWS\system32\drivers
13:55:56.062 AVAST engine scan C:\Documents and Settings\pokus
13:58:48.593 AVAST engine scan C:\Documents and Settings\All Users
13:58:49.984 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
13:58:50.046 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
13:59:34.750 Scan finished successfully
14:01:07.187 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
14:01:07.250 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu, pls .. dekuji
Spusť znovu aswMBR a dej FIX a pak zase log
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Re: prosim o kontrolu logu, pls .. dekuji
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-03 21:44:56
-----------------------------
21:44:57.843 OS Version: Windows 5.1.2600 Service Pack 2
21:44:57.843 Number of processors: 1 586 0x1601
21:44:58.468 ComputerName: APOLLO-NOTE UserName: pokus
21:45:33.500 Initialize success
21:46:08.687 AVAST engine defs: 13030300
21:47:21.203 Verifying
21:47:31.296 Disk 0 Windows 501 MBR fixed successfully
21:48:16.437 Verifying
21:48:26.437 Disk 0 Windows 501 MBR fixed successfully
21:57:18.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
21:57:18.515 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
21:57:18.531 Disk 0 MBR read successfully
21:57:18.531 Disk 0 MBR scan
21:57:19.640 Disk 0 Windows XP default MBR code
21:57:19.656 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
21:57:19.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
21:57:20.500 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
21:57:20.750 Disk 0 scanning sectors +156296385
21:57:21.312 Disk 0 scanning C:\WINDOWS\system32\drivers
21:57:43.984 Service scanning
21:58:06.015 Modules scanning
21:58:21.312 Disk 0 trace - called modules:
21:58:21.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:58:21.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x872ffab8]
21:58:21.343 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\00000080[0x873359e8]
21:58:21.343 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8737dd98]
21:58:22.937 AVAST engine scan C:\WINDOWS
21:58:31.187 AVAST engine scan C:\WINDOWS\system32
22:00:40.171 AVAST engine scan C:\WINDOWS\system32\drivers
22:00:52.500 AVAST engine scan C:\Documents and Settings\pokus
22:01:21.343 Verifying
22:01:31.359 Disk 0 Windows 501 MBR fixed successfully
22:04:08.718 AVAST engine scan C:\Documents and Settings\All Users
22:04:10.234 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
22:04:10.296 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
22:04:55.828 Scan finished successfully
22:05:32.046 Verifying
22:05:42.062 Disk 0 Windows 501 MBR fixed successfully
22:06:27.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
22:06:27.093 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
Run date: 2013-03-03 21:44:56
-----------------------------
21:44:57.843 OS Version: Windows 5.1.2600 Service Pack 2
21:44:57.843 Number of processors: 1 586 0x1601
21:44:58.468 ComputerName: APOLLO-NOTE UserName: pokus
21:45:33.500 Initialize success
21:46:08.687 AVAST engine defs: 13030300
21:47:21.203 Verifying
21:47:31.296 Disk 0 Windows 501 MBR fixed successfully
21:48:16.437 Verifying
21:48:26.437 Disk 0 Windows 501 MBR fixed successfully
21:57:18.468 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
21:57:18.515 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
21:57:18.531 Disk 0 MBR read successfully
21:57:18.531 Disk 0 MBR scan
21:57:19.640 Disk 0 Windows XP default MBR code
21:57:19.656 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
21:57:19.968 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
21:57:20.500 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
21:57:20.750 Disk 0 scanning sectors +156296385
21:57:21.312 Disk 0 scanning C:\WINDOWS\system32\drivers
21:57:43.984 Service scanning
21:58:06.015 Modules scanning
21:58:21.312 Disk 0 trace - called modules:
21:58:21.343 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
21:58:21.343 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x872ffab8]
21:58:21.343 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\00000080[0x873359e8]
21:58:21.343 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8737dd98]
21:58:22.937 AVAST engine scan C:\WINDOWS
21:58:31.187 AVAST engine scan C:\WINDOWS\system32
22:00:40.171 AVAST engine scan C:\WINDOWS\system32\drivers
22:00:52.500 AVAST engine scan C:\Documents and Settings\pokus
22:01:21.343 Verifying
22:01:31.359 Disk 0 Windows 501 MBR fixed successfully
22:04:08.718 AVAST engine scan C:\Documents and Settings\All Users
22:04:10.234 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
22:04:10.296 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
22:04:55.828 Scan finished successfully
22:05:32.046 Verifying
22:05:42.062 Disk 0 Windows 501 MBR fixed successfully
22:06:27.093 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
22:06:27.093 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu, pls .. dekuji
22:04:10.234 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
22:04:10.296 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
nemaže to..
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
22:04:10.296 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
nemaže to..
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: prosim o kontrolu logu, pls .. dekuji
OTL Extras logfile created on: 5.3.2013 10:24:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\pokus\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 762,64 Mb Available Physical Memory | 75,18% Memory free
2,39 Gb Paging File | 2,09 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,16 Gb Total Space | 10,73 Gb Free Space | 29,68% Space Free | Partition Type: NTFS
Drive D: | 28,35 Gb Total Space | 13,38 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Computer Name: APOLLO-NOTE | User Name: pokus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Disabled:Remote Desktop
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:Remote Desktop
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\BitLord_1.01.ex\BitLord.exe" = C:\Program Files\BitLord_1.01.ex\BitLord.exe:*:Enabled:BitLord -- (www.BitLord.com)
"C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{153F839F-0A63-41D8-890F-7324C0E13743}" = Broadcom Driver v4.170.25.12_Foxconn Installation Program
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235BBFC6-D863-4066-A01A-3BD504C31029}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773D872F-2FCB-4F5C-9E63-8E2291EBCF04}" = Railroad Tycoon 3 Demo
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}" = MP3 Player Utilities 5.09
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5288856-CAB4-432A-8CF2-CFCA60A0D36E}" = Mobile Broadband
"{C7888C3F-0506-555F-7907-CDD3F81719A5}" = Adobe Media Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D6A1D7F6-79CB-4159-AF03-F21F28080B97}" = Windows Live Toolbar
"{D9226EB1-C528-48AC-B423-BD9240E1F60B}" = Opera 9.62
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E9BD3051-ED56-4D05-AD8E-B3FA44B75AFC}" = Option 225 Driver Installation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BitLord" = BitLord 1.1
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Creative VF0470" = Creative Live! Cam Notebook Driver (1.01.01.00)
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.2.2 Shizuku Edition
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"Emotum Mobile Broadband" = Telenor Stay Connected
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.2.5
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV2Player" = MV2Player (remove only)
"Network Play System (Patching)" = Network Play System (Patching)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Translator" = PC Translator
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.9
"VorbisCodec" = Ogg Vorbis ACM Codec
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ Application Events ]
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ OSession Events ]
Error - 1.3.2012 11:39:16 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 6.3.2012 2:44:34 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 508
seconds with 480 seconds of active time. This session ended with a crash.
Error - 27.4.2012 15:23:26 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 75
seconds with 0 seconds of active time. This session ended with a crash.
Error - 14.9.2012 4:33:04 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:14:08 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3880
seconds with 2340 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:26:45 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 562
seconds with 540 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:28:07 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:29:55 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:44:37 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 698
seconds with 60 seconds of active time. This session ended with a crash.
Error - 31.10.2012 10:11:49 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2.3.2013 4:24:01 | Computer Name = APOLLO-NOTE | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Adobe Flash Player Update Service.
Error - 2.3.2013 4:24:01 | Computer Name = APOLLO-NOTE | Source = Service Control Manager | ID = 7000
Description = Služba Adobe Flash Player Update Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 3.3.2013 6:22:33 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.251.109 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.211.142 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 8:34:38 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.211.143 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.247.244 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 14:30:46 | Computer Name = APOLLO-NOTE | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 3.3.2013 15:32:13 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.247.245 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.238.225 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 17:07:23 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.238.226 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.70.2 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 4.3.2013 4:19:55 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.70.1 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.74.242 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 4.3.2013 4:47:14 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.74.243 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.82.219 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 5.3.2013 4:54:38 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.82.220 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.213.201 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\pokus\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 762,64 Mb Available Physical Memory | 75,18% Memory free
2,39 Gb Paging File | 2,09 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,16 Gb Total Space | 10,73 Gb Free Space | 29,68% Space Free | Partition Type: NTFS
Drive D: | 28,35 Gb Total Space | 13,38 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Computer Name: APOLLO-NOTE | User Name: pokus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Opera\opera.exe" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"3389:TCP" = 3389:TCP:*:Disabled:Remote Desktop
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Disabled:Remote Desktop
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"C:\Program Files\BitLord_1.01.ex\BitLord.exe" = C:\Program Files\BitLord_1.01.ex\BitLord.exe:*:Enabled:BitLord -- (www.BitLord.com)
"C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{153F839F-0A63-41D8-890F-7324C0E13743}" = Broadcom Driver v4.170.25.12_Foxconn Installation Program
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235BBFC6-D863-4066-A01A-3BD504C31029}" = Nero 7 Ultra Edition
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40284D5A-EF61-4937-92CD-B7CB20C4C87B}" = Windows Live Fotogalerie
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773D872F-2FCB-4F5C-9E63-8E2291EBCF04}" = Railroad Tycoon 3 Demo
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{7CF94476-77F9-401E-BEB5-845285735AAB}" = Windows Live Zabezpečení rodiny
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}" = MP3 Player Utilities 5.09
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5288856-CAB4-432A-8CF2-CFCA60A0D36E}" = Mobile Broadband
"{C7888C3F-0506-555F-7907-CDD3F81719A5}" = Adobe Media Player
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6557BF-FA56-4C95-91E3-B8C641679DF0}" = Windows Live Messenger
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{D6A1D7F6-79CB-4159-AF03-F21F28080B97}" = Windows Live Toolbar
"{D9226EB1-C528-48AC-B423-BD9240E1F60B}" = Opera 9.62
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E9BD3051-ED56-4D05-AD8E-B3FA44B75AFC}" = Option 225 Driver Installation
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4D69A8D-BB5C-4C3D-A1AD-64C24233EDD6}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"BitLord" = BitLord 1.1
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Creative VF0470" = Creative Live! Cam Notebook Driver (1.01.01.00)
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.2.2 Shizuku Edition
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EADM" = EA Download Manager
"Emotum Mobile Broadband" = Telenor Stay Connected
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.2.5
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MV2Player" = MV2Player (remove only)
"Network Play System (Patching)" = Network Play System (Patching)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PC Translator" = PC Translator
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 0.9.9
"VorbisCodec" = Ogg Vorbis ACM Codec
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ Application Events ]
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 13:37:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 14:59:54 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 4.3.2013 15:35:05 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:44:47 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.
Error - 5.3.2013 4:47:36 | Computer Name = APOLLO-NOTE | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.
[ OSession Events ]
Error - 1.3.2012 11:39:16 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.
Error - 6.3.2012 2:44:34 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 508
seconds with 480 seconds of active time. This session ended with a crash.
Error - 27.4.2012 15:23:26 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 75
seconds with 0 seconds of active time. This session ended with a crash.
Error - 14.9.2012 4:33:04 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:14:08 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3880
seconds with 2340 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:26:45 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 562
seconds with 540 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:28:07 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:29:55 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 57
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.10.2012 6:44:37 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 698
seconds with 60 seconds of active time. This session ended with a crash.
Error - 31.10.2012 10:11:49 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 2.3.2013 4:24:01 | Computer Name = APOLLO-NOTE | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Adobe Flash Player Update Service.
Error - 2.3.2013 4:24:01 | Computer Name = APOLLO-NOTE | Source = Service Control Manager | ID = 7000
Description = Služba Adobe Flash Player Update Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 3.3.2013 6:22:33 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.251.109 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.211.142 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 8:34:38 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.211.143 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.247.244 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 14:30:46 | Computer Name = APOLLO-NOTE | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.
Error - 3.3.2013 15:32:13 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.247.245 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.238.225 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 3.3.2013 17:07:23 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.238.226 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.70.2 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 4.3.2013 4:19:55 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.70.1 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.74.242 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 4.3.2013 4:47:14 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.74.243 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.82.219 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
Error - 5.3.2013 4:54:38 | Computer Name = APOLLO-NOTE | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 46.194.82.220 pro síťovou kartu s adresou 00F1D000F1D0
byla serverem DHCP 46.194.213.201 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).
< End of report >
Re: prosim o kontrolu logu, pls .. dekuji
OTL logfile created on: 5.3.2013 10:24:30 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\pokus\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 762,64 Mb Available Physical Memory | 75,18% Memory free
2,39 Gb Paging File | 2,09 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,16 Gb Total Space | 10,73 Gb Free Space | 29,68% Space Free | Partition Type: NTFS
Drive D: | 28,35 Gb Total Space | 13,38 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Computer Name: APOLLO-NOTE | User Name: pokus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\pokus\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\OETRN.EXE ()
PRC - C:\Program Files\Option\Option 225 Driver Installation\GtDetectSc.exe (OptionNV)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\V0470Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\13030402\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\13030400\algo.dll ()
MOD - C:\WINDOWS\TRNOET.DLL ()
MOD - C:\WINDOWS\TRNOEH.DLL ()
MOD - C:\WINDOWS\OETRN.EXE ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_55ee40b3\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_a97ebe8e\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_1370b573\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_fe49c11d\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\DialogDLL.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll ()
MOD - C:\WINDOWS\system32\vorbis.dll ()
MOD - C:\WINDOWS\system32\ogg.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (GTDetectSc) -- C:\Program Files\Option\Option 225 Driver Installation\GtDetectSc.exe (OptionNV)
SRV - (eLockService) -- C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (Secdrv) -- system32\DRIVERS\secdrv.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (btwmodem) -- system32\DRIVERS\btwmodem.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (FlashUSB) -- C:\WINDOWS\system32\drivers\FlashUSB.sys (Danish Wireless Design A/S)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (GT72NDISIPXP) -- C:\WINDOWS\system32\drivers\Gt51Ip.sys (Option N.V.)
DRV - (GT72UBUS) -- C:\WINDOWS\system32\drivers\gt72ubus.sys (Option N.V.)
DRV - (tvicport) -- C:\WINDOWS\system32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (zntport) -- C:\WINDOWS\system32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (int15) -- C:\WINDOWS\system32\drivers\int15.sys (Acer, Inc.)
DRV - (VF0470Vid) -- C:\WINDOWS\system32\drivers\V0470Vid.sys (Creative Technology Ltd.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (GTPTSER) -- C:\WINDOWS\system32\drivers\gtptser.sys (Option N.V.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)
DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EA 5A 08 39 B8 F5 C9 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.18 11:14:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011.10.19 13:16:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pokus\Data aplikací\Mozilla\Extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
O1 HOSTS File: ([2013.02.28 20:13:30 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [V0470Mon.exe] C:\WINDOWS\V0470Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Emotum Mobile Broadband] C:\Program Files\Emotum\Mobile Broadband\Mobile.exe (Emotum)
O4 - HKCU..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\All Users\Dokumenty\Obrázky\Ukázky obrázků\Fluorescence1024.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\All Users\Dokumenty\Obrázky\Ukázky obrázků\Fluorescence1024.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.24 20:14:34 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.05 10:18:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\pokus\Plocha\OTL.exe
[2013.03.03 13:46:37 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\pokus\Plocha\aswMBR.exe
[2013.03.03 11:49:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\pokus\Recent
[2013.03.03 11:48:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.02.28 17:28:47 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\V0470Mon.exe
[2013.02.28 17:28:46 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\V0470Cfg.exe
[2013.02.28 17:28:44 | 000,155,648 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Cvw.crl
[2013.02.28 17:28:43 | 000,266,240 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Cvw.dll
[2013.02.28 17:28:43 | 000,094,208 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Ext.ax
[2013.02.28 17:28:43 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Ext.crl
[2013.02.28 17:28:42 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Pin.dll
[2013.02.28 17:28:22 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Hwx.dll
[2013.02.28 17:28:21 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamMgr.dll
[2013.02.28 17:28:21 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamPin.crl
[2013.02.28 17:28:20 | 000,146,720 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\V0470Vid.sys
[2013.02.28 17:28:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\CtDrvInstall
[2013.02.28 17:22:12 | 000,000,000 | ---D | C] -- C:\Live! Cam
[2013.02.28 12:44:57 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.02.28 11:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Data aplikací\DSite
[2013.02.28 11:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Data aplikací\Babylon
[2013.02.28 11:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2013.02.28 11:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\VideoConverter
[2013.02.26 19:45:02 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Documents and Settings\pokus\Plocha\boot_cleaner.exe
[2013.02.22 11:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2013.02.22 11:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2013.02.21 10:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.02.21 10:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.02.18 14:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Railroad Tycoon 3 Demo
[2013.02.17 01:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\Railroad Tycoon 3 Demo
[2013.02.12 21:19:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\pokus\Nabídka Start\Programy\Nástroje pro správu
[2013.02.12 15:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Data aplikací\Malwarebytes
[2013.02.12 15:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.02.12 15:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.02.12 15:54:23 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.02.12 15:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.12 14:35:09 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe
[2013.02.11 20:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Nabídka Start\Programy\HiJackThis
[2013.02.11 20:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.02.11 17:58:56 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.02.11 17:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.02.11 17:58:55 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.02.11 17:58:45 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.02.11 17:58:44 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.02.11 17:58:42 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.02.11 17:58:40 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013.02.11 17:58:39 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013.02.11 17:58:38 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013.02.11 17:57:34 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.02.11 17:57:31 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.02.11 17:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.02.11 17:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.02.11 13:09:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.02.11 13:09:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.02.10 09:31:09 | 000,106,624 | ---- | C] (Option N.V.) -- C:\WINDOWS\System32\drivers\Gt51Ip.sys
[2013.02.10 09:31:09 | 000,059,648 | ---- | C] (Option N.V.) -- C:\WINDOWS\System32\drivers\gt72ubus.sys
[2013.02.10 09:31:09 | 000,008,064 | ---- | C] (Option N.V.) -- C:\WINDOWS\System32\drivers\gtptser.sys
[2013.02.10 09:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Option
[2013.02.10 09:30:46 | 000,000,000 | ---D | C] -- C:\Program Files\Emotum
[2013.02.10 09:21:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Nabídka Start\Programy\Telenor
[2013.02.09 18:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Emotum
[2013.02.04 10:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Application Data
========== Files - Modified Within 30 Days ==========
[2013.03.05 10:25:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job
[2013.03.05 10:20:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.03.05 10:19:19 | 000,000,428 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2013.03.05 10:19:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pokus\Plocha\OTL.exe
[2013.03.05 09:48:53 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.03.05 09:47:38 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.05 09:44:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.05 09:44:30 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.03 22:06:27 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\MBR.dat
[2013.03.03 13:48:05 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\pokus\Plocha\aswMBR.exe
[2013.03.03 12:54:17 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.03.03 11:49:29 | 000,135,986 | ---- | M] () -- C:\Documents and Settings\pokus\Dokumenty\cc_20130303_114917.reg
[2013.02.28 20:13:30 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.02.27 21:17:32 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\HiJackThis.lnk
[2013.02.27 20:26:54 | 000,232,854 | ---- | M] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130227_202408.reg
[2013.02.26 22:24:13 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.02.26 22:24:13 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.02.22 11:13:22 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\CrystalDiskInfo.lnk
[2013.02.22 09:37:09 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\fix.bat
[2013.02.21 14:45:01 | 000,002,839 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2013.02.21 14:40:06 | 000,005,442 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2013.02.21 14:40:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2013.02.18 14:10:38 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Railroad Tycoon 3 Demo.lnk
[2013.02.18 13:06:20 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.02.18 13:05:17 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.17 03:06:43 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\pokus\Data aplikací\winscp.rnd
[2013.02.16 18:06:03 | 000,000,096 | ---- | M] () -- C:\Documents and Settings\pokus\default.pls
[2013.02.16 17:40:20 | 000,000,071 | ---- | M] () -- C:\WINDOWS\Sven97.ini
[2013.02.16 17:35:13 | 000,968,678 | ---- | M] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130216_173426.reg
[2013.02.12 15:54:27 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.02.12 15:40:04 | 000,587,671 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\adwcleaner0.exe
[2013.02.12 14:35:15 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe
[2013.02.11 17:58:57 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.02.11 17:58:41 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.02.11 14:16:52 | 000,003,739 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.02.11 10:29:13 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.02.09 18:52:06 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2013.03.03 11:49:23 | 000,135,986 | ---- | C] () -- C:\Documents and Settings\pokus\Dokumenty\cc_20130303_114917.reg
[2013.02.28 17:28:52 | 000,003,334 | ---- | C] () -- C:\WINDOWS\VF0470.uns
[2013.02.28 17:28:44 | 000,188,891 | ---- | C] () -- C:\WINDOWS\System32\V0470Cvw.bff
[2013.02.28 17:28:21 | 000,057,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\V0470PC.bmp
[2013.02.27 20:24:46 | 000,232,854 | ---- | C] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130227_202408.reg
[2013.02.22 11:13:22 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\CrystalDiskInfo.lnk
[2013.02.22 09:37:09 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\fix.bat
[2013.02.19 08:30:46 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.18 14:10:38 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Railroad Tycoon 3 Demo.lnk
[2013.02.16 17:34:56 | 000,968,678 | ---- | C] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130216_173426.reg
[2013.02.14 00:14:32 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\MBR.dat
[2013.02.12 15:54:27 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.02.12 15:39:55 | 000,587,671 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\adwcleaner0.exe
[2013.02.11 20:08:38 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\HiJackThis.lnk
[2013.02.11 17:58:57 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.02.11 17:58:42 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.29 13:19:58 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Sven97.ini
[2013.01.29 13:19:28 | 000,000,124 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2012.12.11 02:02:37 | 000,000,096 | ---- | C] () -- C:\Documents and Settings\pokus\default.pls
[2012.09.24 13:49:29 | 000,000,428 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2012.02.06 20:30:08 | 000,165,424 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.04.27 09:11:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.04.27 09:11:44 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.10.25 09:02:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\pokus\Data aplikací\winscp.rnd
[2009.06.12 15:18:39 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.27 11:33:07 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\pokus\Local Settings\Data aplikací\fusioncache.dat
========== ZeroAccess Check ==========
[2008.11.10 00:27:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.08.20 06:38:43 | 001,495,040 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004.08.17 14:49:20 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.02.11 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.02.28 11:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2008.11.10 05:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2010.10.21 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2013.02.10 09:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Emotum
[2012.08.05 14:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.12.09 13:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX
[2009.12.24 20:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\muvee Technologies
[2012.08.05 14:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.11.29 19:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SmartCard Reader Installation
[2009.12.24 22:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.10.04 21:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\906E707554F70DDF62B35C05C0A7688A
[2013.02.28 11:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Babylon
[2009.10.09 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\DAEMON Tools
[2013.02.28 11:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\DSite
[2013.02.04 11:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\EuroTalk
[2009.06.25 18:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\ICQ
[2009.12.24 22:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\muvee Technologies
[2012.11.18 15:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Nokia
[2009.04.27 13:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Opera
[2012.08.05 14:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\PC Suite
[2009.10.28 18:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\SlovnikApp
[2009.07.03 14:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\pokus\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1014,36 Mb Total Physical Memory | 762,64 Mb Available Physical Memory | 75,18% Memory free
2,39 Gb Paging File | 2,09 Gb Available in Paging File | 87,54% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36,16 Gb Total Space | 10,73 Gb Free Space | 29,68% Space Free | Partition Type: NTFS
Drive D: | 28,35 Gb Total Space | 13,38 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Computer Name: APOLLO-NOTE | User Name: pokus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\pokus\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\WINDOWS\OETRN.EXE ()
PRC - C:\Program Files\Option\Option 225 Driver Installation\GtDetectSc.exe (OptionNV)
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\V0470Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\13030402\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\defs\13030400\algo.dll ()
MOD - C:\WINDOWS\TRNOET.DLL ()
MOD - C:\WINDOWS\TRNOEH.DLL ()
MOD - C:\WINDOWS\OETRN.EXE ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_55ee40b3\mscorlib.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_a97ebe8e\system.drawing.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_1370b573\system.windows.forms.dll ()
MOD - c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_fe49c11d\system.dll ()
MOD - c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll ()
MOD - c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll ()
MOD - c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll ()
MOD - c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll ()
MOD - c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\DialogDLL.dll ()
MOD - C:\Program Files\Acer\Empowering Technology\ePower\SysHook.dll ()
MOD - C:\WINDOWS\system32\vorbis.dll ()
MOD - C:\WINDOWS\system32\ogg.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (GTDetectSc) -- C:\Program Files\Option\Option 225 Driver Installation\GtDetectSc.exe (OptionNV)
SRV - (eLockService) -- C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe ( )
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (Secdrv) -- system32\DRIVERS\secdrv.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (btwmodem) -- system32\DRIVERS\btwmodem.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (FlashUSB) -- C:\WINDOWS\system32\drivers\FlashUSB.sys (Danish Wireless Design A/S)
DRV - (fssfltr) -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (btwhid) -- C:\WINDOWS\system32\drivers\btwhid.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (GT72NDISIPXP) -- C:\WINDOWS\system32\drivers\Gt51Ip.sys (Option N.V.)
DRV - (GT72UBUS) -- C:\WINDOWS\system32\drivers\gt72ubus.sys (Option N.V.)
DRV - (tvicport) -- C:\WINDOWS\system32\drivers\TVicPort.sys (EnTech Taiwan)
DRV - (zntport) -- C:\WINDOWS\system32\drivers\zntport.sys (Zeal SoftStudio)
DRV - (int15) -- C:\WINDOWS\system32\drivers\int15.sys (Acer, Inc.)
DRV - (VF0470Vid) -- C:\WINDOWS\system32\drivers\V0470Vid.sys (Creative Technology Ltd.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (GTPTSER) -- C:\WINDOWS\system32\drivers\gtptser.sys (Option N.V.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (Changer) -- C:\WINDOWS\System32\drivers\changer.sys (Microsoft Corporation)
DRV - (lbrtfdc) -- C:\WINDOWS\System32\drivers\lbrtfdc.sys (Toshiba Corp.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EA 5A 08 39 B8 F5 C9 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.08.18 11:14:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
[2011.10.19 13:16:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pokus\Data aplikací\Mozilla\Extensions
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\pokus\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Documents and Settings\pokus\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
O1 HOSTS File: ([2013.02.28 20:13:30 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [V0470Mon.exe] C:\WINDOWS\V0470Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Emotum Mobile Broadband] C:\Program Files\Emotum\Mobile Broadband\Mobile.exe (Emotum)
O4 - HKCU..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\All Users\Dokumenty\Obrázky\Ukázky obrázků\Fluorescence1024.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\All Users\Dokumenty\Obrázky\Ukázky obrázků\Fluorescence1024.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.24 20:14:34 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.05 10:18:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\pokus\Plocha\OTL.exe
[2013.03.03 13:46:37 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\pokus\Plocha\aswMBR.exe
[2013.03.03 11:49:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\pokus\Recent
[2013.03.03 11:48:13 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.02.28 17:28:47 | 000,032,768 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\V0470Mon.exe
[2013.02.28 17:28:46 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\V0470Cfg.exe
[2013.02.28 17:28:44 | 000,155,648 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Cvw.crl
[2013.02.28 17:28:43 | 000,266,240 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Cvw.dll
[2013.02.28 17:28:43 | 000,094,208 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Ext.ax
[2013.02.28 17:28:43 | 000,020,480 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Ext.crl
[2013.02.28 17:28:42 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Pin.dll
[2013.02.28 17:28:22 | 000,028,672 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\V0470Hwx.dll
[2013.02.28 17:28:21 | 000,036,864 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamMgr.dll
[2013.02.28 17:28:21 | 000,024,576 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\CtCamPin.crl
[2013.02.28 17:28:20 | 000,146,720 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\V0470Vid.sys
[2013.02.28 17:28:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\CtDrvInstall
[2013.02.28 17:22:12 | 000,000,000 | ---D | C] -- C:\Live! Cam
[2013.02.28 12:44:57 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.02.28 11:37:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Data aplikací\DSite
[2013.02.28 11:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Data aplikací\Babylon
[2013.02.28 11:37:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2013.02.28 11:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\VideoConverter
[2013.02.26 19:45:02 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Documents and Settings\pokus\Plocha\boot_cleaner.exe
[2013.02.22 11:13:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CrystalDiskInfo
[2013.02.22 11:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2013.02.21 10:40:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.02.21 10:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.02.18 14:10:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Railroad Tycoon 3 Demo
[2013.02.17 01:47:59 | 000,000,000 | ---D | C] -- C:\Program Files\Railroad Tycoon 3 Demo
[2013.02.12 21:19:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\pokus\Nabídka Start\Programy\Nástroje pro správu
[2013.02.12 15:54:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Data aplikací\Malwarebytes
[2013.02.12 15:54:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.02.12 15:54:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.02.12 15:54:23 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.02.12 15:54:23 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.12 14:35:09 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe
[2013.02.11 20:08:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Nabídka Start\Programy\HiJackThis
[2013.02.11 20:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.02.11 17:58:56 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.02.11 17:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.02.11 17:58:55 | 000,361,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.02.11 17:58:45 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.02.11 17:58:44 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.02.11 17:58:42 | 000,738,504 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.02.11 17:58:40 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2013.02.11 17:58:39 | 000,089,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2013.02.11 17:58:38 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2013.02.11 17:57:34 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.02.11 17:57:31 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.02.11 17:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.02.11 17:56:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.02.11 13:09:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2013.02.11 13:09:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2013.02.10 09:31:09 | 000,106,624 | ---- | C] (Option N.V.) -- C:\WINDOWS\System32\drivers\Gt51Ip.sys
[2013.02.10 09:31:09 | 000,059,648 | ---- | C] (Option N.V.) -- C:\WINDOWS\System32\drivers\gt72ubus.sys
[2013.02.10 09:31:09 | 000,008,064 | ---- | C] (Option N.V.) -- C:\WINDOWS\System32\drivers\gtptser.sys
[2013.02.10 09:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\Option
[2013.02.10 09:30:46 | 000,000,000 | ---D | C] -- C:\Program Files\Emotum
[2013.02.10 09:21:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Nabídka Start\Programy\Telenor
[2013.02.09 18:10:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Emotum
[2013.02.04 10:18:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pokus\Application Data
========== Files - Modified Within 30 Days ==========
[2013.03.05 10:25:00 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job
[2013.03.05 10:20:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.03.05 10:19:19 | 000,000,428 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2013.03.05 10:19:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pokus\Plocha\OTL.exe
[2013.03.05 09:48:53 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.03.05 09:47:38 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.05 09:44:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.05 09:44:30 | 1063,702,528 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.03 22:06:27 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\MBR.dat
[2013.03.03 13:48:05 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\pokus\Plocha\aswMBR.exe
[2013.03.03 12:54:17 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.03.03 11:49:29 | 000,135,986 | ---- | M] () -- C:\Documents and Settings\pokus\Dokumenty\cc_20130303_114917.reg
[2013.02.28 20:13:30 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.02.27 21:17:32 | 000,002,441 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\HiJackThis.lnk
[2013.02.27 20:26:54 | 000,232,854 | ---- | M] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130227_202408.reg
[2013.02.26 22:24:13 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.02.26 22:24:13 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.02.22 11:13:22 | 000,001,650 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\CrystalDiskInfo.lnk
[2013.02.22 09:37:09 | 000,000,054 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\fix.bat
[2013.02.21 14:45:01 | 000,002,839 | ---- | M] () -- C:\WINDOWS\TRNCOM.INI
[2013.02.21 14:40:06 | 000,005,442 | ---- | M] () -- C:\WINDOWS\WTRAN32.INI
[2013.02.21 14:40:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\XXLGSC
[2013.02.18 14:10:38 | 000,000,758 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Railroad Tycoon 3 Demo.lnk
[2013.02.18 13:06:20 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.02.18 13:05:17 | 000,038,400 | ---- | M] () -- C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.17 03:06:43 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\pokus\Data aplikací\winscp.rnd
[2013.02.16 18:06:03 | 000,000,096 | ---- | M] () -- C:\Documents and Settings\pokus\default.pls
[2013.02.16 17:40:20 | 000,000,071 | ---- | M] () -- C:\WINDOWS\Sven97.ini
[2013.02.16 17:35:13 | 000,968,678 | ---- | M] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130216_173426.reg
[2013.02.12 15:54:27 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.02.12 15:40:04 | 000,587,671 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\adwcleaner0.exe
[2013.02.12 14:35:15 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Program Files\ATF-Cleaner.exe
[2013.02.11 17:58:57 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.02.11 17:58:41 | 000,002,552 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.02.11 14:16:52 | 000,003,739 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.02.11 10:29:13 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013.02.09 18:52:06 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\pokus\Plocha\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2013.03.03 11:49:23 | 000,135,986 | ---- | C] () -- C:\Documents and Settings\pokus\Dokumenty\cc_20130303_114917.reg
[2013.02.28 17:28:52 | 000,003,334 | ---- | C] () -- C:\WINDOWS\VF0470.uns
[2013.02.28 17:28:44 | 000,188,891 | ---- | C] () -- C:\WINDOWS\System32\V0470Cvw.bff
[2013.02.28 17:28:21 | 000,057,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\V0470PC.bmp
[2013.02.27 20:24:46 | 000,232,854 | ---- | C] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130227_202408.reg
[2013.02.22 11:13:22 | 000,001,650 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\CrystalDiskInfo.lnk
[2013.02.22 09:37:09 | 000,000,054 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\fix.bat
[2013.02.19 08:30:46 | 1063,702,528 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.18 14:10:38 | 000,000,758 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Railroad Tycoon 3 Demo.lnk
[2013.02.16 17:34:56 | 000,968,678 | ---- | C] () -- C:\Documents and Settings\pokus\Dokumenty\zaloha registru cc_20130216_173426.reg
[2013.02.14 00:14:32 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\MBR.dat
[2013.02.12 15:54:27 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.02.12 15:39:55 | 000,587,671 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\adwcleaner0.exe
[2013.02.11 20:08:38 | 000,002,441 | ---- | C] () -- C:\Documents and Settings\pokus\Plocha\HiJackThis.lnk
[2013.02.11 17:58:57 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.02.11 17:58:42 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.29 13:19:58 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Sven97.ini
[2013.01.29 13:19:28 | 000,000,124 | ---- | C] () -- C:\WINDOWS\_delis43.ini
[2012.12.11 02:02:37 | 000,000,096 | ---- | C] () -- C:\Documents and Settings\pokus\default.pls
[2012.09.24 13:49:29 | 000,000,428 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2012.02.06 20:30:08 | 000,165,424 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2011.04.27 09:11:44 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.04.27 09:11:44 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.10.25 09:02:06 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\pokus\Data aplikací\winscp.rnd
[2009.06.12 15:18:39 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.27 11:33:07 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\pokus\Local Settings\Data aplikací\fusioncache.dat
========== ZeroAccess Check ==========
[2008.11.10 00:27:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.08.20 06:38:43 | 001,495,040 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:22:07 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004.08.17 14:49:20 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.02.11 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.02.28 11:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Babylon
[2008.11.10 05:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Broadcom
[2010.10.21 21:06:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2013.02.10 09:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Emotum
[2012.08.05 14:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.12.09 13:19:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX
[2009.12.24 20:11:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\muvee Technologies
[2012.08.05 14:37:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.11.29 19:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SmartCard Reader Installation
[2009.12.24 22:35:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.10.04 21:26:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\906E707554F70DDF62B35C05C0A7688A
[2013.02.28 11:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Babylon
[2009.10.09 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\DAEMON Tools
[2013.02.28 11:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\DSite
[2013.02.04 11:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\EuroTalk
[2009.06.25 18:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\ICQ
[2009.12.24 22:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\muvee Technologies
[2012.11.18 15:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Nokia
[2009.04.27 13:21:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Opera
[2012.08.05 14:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\PC Suite
[2009.10.28 18:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\SlovnikApp
[2009.07.03 14:07:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pokus\Data aplikací\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B
< End of report >
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu, pls .. dekuji
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Aktualizuj javu:
Java SE Runtime Environment 7
Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.
C:\Documents and Settings\pokus\Data aplikací\DSite---znáš ten program?
Možná při problémech přeinstaluj Office.
Pak zase aswMBR.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
DRV - (WDICA) -- File not found
DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (UIUSys) -- system32\DRIVERS\UIUSYS.SYS File not found
DRV - (Secdrv) -- system32\DRIVERS\secdrv.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (btwmodem) -- system32\DRIVERS\btwmodem.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}: "URL" = http://search.mywebsearch.com/mywebsear ... searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
@Alternate Data Stream - 127 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Documents and Settings\pokus\Data aplikací\Babylon
C:\Documents and Settings\All Users\Data aplikací\Babylon
C:\WINDOWS\XXLGSC
C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\imsins.BAK
C:\Documents and Settings\pokus\Plocha\fix.bat
C:\WINDOWS\_delis43.ini
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"65533:TCP" =-
"52344:TCP" =-
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Aktualizuj javu:
Java SE Runtime Environment 7
Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.
C:\Documents and Settings\pokus\Data aplikací\DSite---znáš ten program?
Error - 31.10.2012 10:11:49 | Computer Name = APOLLO-NOTE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
Možná při problémech přeinstaluj Office.
Pak zase aswMBR.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: prosim o kontrolu logu, pls .. dekuji
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service USBModem stopped successfully!
Service USBModem deleted successfully!
File system32\DRIVERS\lgusbmodem.sys File not found not found.
Service UsbDiag stopped successfully!
Service UsbDiag deleted successfully!
File system32\DRIVERS\lgusbdiag.sys File not found not found.
Service usbbus stopped successfully!
Service usbbus deleted successfully!
File system32\DRIVERS\lgusbbus.sys File not found not found.
Service UIUSys stopped successfully!
Service UIUSys deleted successfully!
File system32\DRIVERS\UIUSYS.SYS File not found not found.
Service Secdrv stopped successfully!
Service Secdrv deleted successfully!
File system32\DRIVERS\secdrv.sys File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service btwmodem stopped successfully!
Service btwmodem deleted successfully!
File system32\DRIVERS\btwmodem.sys File not found not found.
Service BTWDNDIS stopped successfully!
Service BTWDNDIS deleted successfully!
File system32\DRIVERS\btwdndis.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\avast! Emergency Update.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\pokus\Data aplikací\Babylon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Babylon folder moved successfully.
C:\WINDOWS\XXLGSC moved successfully.
C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\imsins.BAK moved successfully.
C:\Documents and Settings\pokus\Plocha\fix.bat moved successfully.
C:\WINDOWS\_delis43.ini moved successfully.
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\65533:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\52344:TCP deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: pokus
->Temp folder emptied: 295845 bytes
->Temporary Internet Files folder emptied: 1751463 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 230714764 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 638 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 196694 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 89586 bytes
Total Files Cleaned = 222,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03062013_112050
Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_91c.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
"C:\Documents and Settings\pokus\Data aplikací\DSite-" vytvoreno nedavno, ale nevim, neznam
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service HidServ stopped successfully!
Service HidServ deleted successfully!
File %SystemRoot%\System32\hidserv.dll File not found not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service USBModem stopped successfully!
Service USBModem deleted successfully!
File system32\DRIVERS\lgusbmodem.sys File not found not found.
Service UsbDiag stopped successfully!
Service UsbDiag deleted successfully!
File system32\DRIVERS\lgusbdiag.sys File not found not found.
Service usbbus stopped successfully!
Service usbbus deleted successfully!
File system32\DRIVERS\lgusbbus.sys File not found not found.
Service UIUSys stopped successfully!
Service UIUSys deleted successfully!
File system32\DRIVERS\UIUSYS.SYS File not found not found.
Service Secdrv stopped successfully!
Service Secdrv deleted successfully!
File system32\DRIVERS\secdrv.sys File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service btwmodem stopped successfully!
Service btwmodem deleted successfully!
File system32\DRIVERS\btwmodem.sys File not found not found.
Service BTWDNDIS stopped successfully!
Service BTWDNDIS deleted successfully!
File system32\DRIVERS\btwdndis.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23088cf8-eaf8-4bb3-a251-9ba61557ac75}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:ECE4A64B deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\avast! Emergency Update.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{D7450B31-9858-428F-8599-39DDCA4984F1}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Documents and Settings\pokus\Data aplikací\Babylon folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Babylon folder moved successfully.
C:\WINDOWS\XXLGSC moved successfully.
C:\Documents and Settings\pokus\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\imsins.BAK moved successfully.
C:\Documents and Settings\pokus\Plocha\fix.bat moved successfully.
C:\WINDOWS\_delis43.ini moved successfully.
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\65533:TCP deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\52344:TCP deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: pokus
->Temp folder emptied: 295845 bytes
->Temporary Internet Files folder emptied: 1751463 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 230714764 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 638 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 196694 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 89586 bytes
Total Files Cleaned = 222,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03062013_112050
Files\Folders moved on Reboot...
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_91c.dat moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
"C:\Documents and Settings\pokus\Data aplikací\DSite-" vytvoreno nedavno, ale nevim, neznam
Re: prosim o kontrolu logu, pls .. dekuji
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-06 13:12:38
-----------------------------
13:12:38.765 OS Version: Windows 5.1.2600 Service Pack 2
13:12:38.765 Number of processors: 1 586 0x1601
13:12:38.765 ComputerName: APOLLO-NOTE UserName: pokus
13:12:39.171 Initialize success
13:12:40.281 AVAST engine defs: 13030600
13:12:44.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
13:12:44.640 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
13:12:44.656 Disk 0 MBR read successfully
13:12:44.656 Disk 0 MBR scan
13:12:44.656 Disk 0 Windows XP default MBR code
13:12:44.656 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
13:12:44.671 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
13:12:44.718 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
13:12:44.734 Disk 0 scanning sectors +156296385
13:12:44.875 Disk 0 scanning C:\WINDOWS\system32\drivers
13:12:59.515 Service scanning
13:13:19.078 Modules scanning
13:13:26.750 Disk 0 trace - called modules:
13:13:27.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:13:27.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87312ab8]
13:13:27.140 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\0000008f[0x87363030]
13:13:27.140 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8732dd98]
13:13:27.328 AVAST engine scan C:\WINDOWS
13:13:35.453 AVAST engine scan C:\WINDOWS\system32
13:15:32.906 AVAST engine scan C:\WINDOWS\system32\drivers
13:15:44.953 AVAST engine scan C:\Documents and Settings\pokus
13:19:37.437 AVAST engine scan C:\Documents and Settings\All Users
13:19:39.859 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
13:19:39.937 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
13:20:42.562 Scan finished successfully
13:21:06.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
13:21:06.765 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
13:22:06.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
13:22:06.859 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
-nektere programy jsou opravdu o poznani rychlejsi, jen ten intern. prohlizec je nejaky zasekeny, pri jeho spusteni cekam opravdu tak 5 min, nez se to nacte a pak se to treba po tech peti min., sekne. Kdyz se to rozbehne, dalsi zalozky pak naskakuji rychleji a pracuje uspokojive, jen to prvni spusteni.
-zkusila jsem diagnostikovat problem s nastroji sady office, neco to tam opravilo, tak nevim, popr. jak to preinstaluji, kdyz nemam Cd?
Run date: 2013-03-06 13:12:38
-----------------------------
13:12:38.765 OS Version: Windows 5.1.2600 Service Pack 2
13:12:38.765 Number of processors: 1 586 0x1601
13:12:38.765 ComputerName: APOLLO-NOTE UserName: pokus
13:12:39.171 Initialize success
13:12:40.281 AVAST engine defs: 13030600
13:12:44.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
13:12:44.640 Disk 0 Vendor: Hitachi_HTS541680J9SA00 SB2OC70P Size: 76319MB BusType: 3
13:12:44.656 Disk 0 MBR read successfully
13:12:44.656 Disk 0 MBR scan
13:12:44.656 Disk 0 Windows XP default MBR code
13:12:44.656 Disk 0 Partition 1 00 12 Compaq diag MSDOS5.0 10252 MB offset 63
13:12:44.671 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 37032 MB offset 20996955
13:12:44.718 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 29031 MB offset 96839820
13:12:44.734 Disk 0 scanning sectors +156296385
13:12:44.875 Disk 0 scanning C:\WINDOWS\system32\drivers
13:12:59.515 Service scanning
13:13:19.078 Modules scanning
13:13:26.750 Disk 0 trace - called modules:
13:13:27.125 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:13:27.125 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87312ab8]
13:13:27.140 3 CLASSPNP.SYS[f751e05b] -> nt!IofCallDriver -> \Device\0000008f[0x87363030]
13:13:27.140 5 ACPI.sys[f7394620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x8732dd98]
13:13:27.328 AVAST engine scan C:\WINDOWS
13:13:35.453 AVAST engine scan C:\WINDOWS\system32
13:15:32.906 AVAST engine scan C:\WINDOWS\system32\drivers
13:15:44.953 AVAST engine scan C:\Documents and Settings\pokus
13:19:37.437 AVAST engine scan C:\Documents and Settings\All Users
13:19:39.859 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095A5296FBBA **INFECTED** Win32:Sinowal-IK [Trj]
13:19:39.937 File: C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\01CE095AE4826802 **INFECTED** Win32:Sinowal-IK [Trj]
13:20:42.562 Scan finished successfully
13:21:06.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
13:21:06.765 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
13:22:06.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\pokus\Plocha\MBR.dat"
13:22:06.859 The log file has been saved successfully to "C:\Documents and Settings\pokus\Plocha\aswMBR.txt"
-nektere programy jsou opravdu o poznani rychlejsi, jen ten intern. prohlizec je nejaky zasekeny, pri jeho spusteni cekam opravdu tak 5 min, nez se to nacte a pak se to treba po tech peti min., sekne. Kdyz se to rozbehne, dalsi zalozky pak naskakuji rychleji a pracuje uspokojive, jen to prvni spusteni.
-zkusila jsem diagnostikovat problem s nastroji sady office, neco to tam opravilo, tak nevim, popr. jak to preinstaluji, kdyz nemam Cd?
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: prosim o kontrolu logu, pls .. dekuji +
Bez CD Office to nepůjde...
ale je možnost tady:
http://support.microsoft.com/fixit/
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Znovu TDSSKiller
Znovu aswMBR
+
Stáhni si RootRepeal
Rozbal si archív třeba do C:\RootRepeal
Poklepej na RootRepeal.exe ke startu programu ( ve vistě pravým a vybrat spustit jako administrátor).
Klikni v dolní části na Files a potom na Scan .
Objeví se dialog.okno, dej zatržítko na disk, který chceš skenovat( nejčastěji na C:\) , a potom na OK.
Program začne skenovat zatržený disk. Když sken skončí , budou tam vypsané soubory, ale ne všechny musí být legitimní. Klikni na Save Report a ulož si log do dokumentů. Vlož sem prosím celý jeho obsah.
ale je možnost tady:
http://support.microsoft.com/fixit/
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:
Kód: Vybrat vše
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
:Files
C:\Documents and Settings\pokus\Data aplikací\DSite
C:\Documents and Settings\All Users\Data aplikací\AVAST Software\Avast\arpot\TEMP\*.*
ipconfig /flushdns /c
:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.
Znovu TDSSKiller
Znovu aswMBR
+
Stáhni si RootRepeal
Rozbal si archív třeba do C:\RootRepeal
Poklepej na RootRepeal.exe ke startu programu ( ve vistě pravým a vybrat spustit jako administrátor).
Klikni v dolní části na Files a potom na Scan .
Objeví se dialog.okno, dej zatržítko na disk, který chceš skenovat( nejčastěji na C:\) , a potom na OK.
Program začne skenovat zatržený disk. Když sken skončí , budou tam vypsané soubory, ale ne všechny musí být legitimní. Klikni na Save Report a ulož si log do dokumentů. Vlož sem prosím celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 118 hostů