Prosím o kontrolu-pomalý internet...

[Márty84]

Jestli v pc jeste je, odinstalujte Spyware Terminatora.

Dejte novy log z RSIT

[kovárna]

Logfile of random's system information tool 1.09 (written by random/random)
Run by čenda at 2013-08-19 22:07:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 84 GB (53%) free of 160 GB
Total RAM: 2046 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:07:50, on 19.8.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WJATH\AthServer.exe
C:\Documents and Settings\čenda\Plocha\RSIT.exe
C:\Program Files\trend micro\čenda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{72A3D5C1-1863-4902-AD55-74F63AD3352B}: NameServer = 10.10.10.10,10.10.11.11
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: JumpStart Wi-Fi Protected Setup (jswpsapi) - wireless - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6573 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AE4DAD2A-BC71-446D-AE1B-C33F44E32C4E}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-28 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-28 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-21 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDesktopCleanupWizard"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"E:\Mass Effect 3\Binaries\Win32\MassEffect3.exe"="E:\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Enabled:Mass Effect™ 3"
"C:\Program Files\R.G. Catalyst\Borderlands\Binaries\Borderlands.exe"="C:\Program Files\R.G. Catalyst\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\Borderlands 2\Binaries\Win32\Borderlands2.exe"="C:\Program Files\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2"
"C:\Program Files\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe"="C:\Program Files\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Farming Simulator 2013\FarmingSimulator2013.exe"="C:\Program Files\Farming Simulator 2013\FarmingSimulator2013.exe:*:Enabled:Farming Simulator 2013"
"C:\Program Files\Farming Simulator 2013\FarmingSimulator2013Game.exe"="C:\Program Files\Farming Simulator 2013\FarmingSimulator2013Game.exe:*:Enabled:Farming Simulator 2013"
"C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe"="C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe:*:Enabled:TP-LINK Wireless Configuration Utility"
"E:\utorrent-setup\utorrent.exe"="E:\utorrent-setup\utorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2013-08-19 21:25:14 ----D---- C:\Program Files\Mozilla Firefox
2013-08-15 11:39:51 ----A---- C:\AdwCleaner[S1].txt
2013-08-14 22:16:19 ----D---- C:\Program Files\trend micro
2013-08-14 22:16:18 ----D---- C:\rsit
2013-08-13 22:05:41 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-08-13 22:05:40 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-08-13 22:05:39 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2013-08-13 22:05:38 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2013-08-13 22:05:38 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2013-08-13 22:05:37 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2013-08-13 22:05:37 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2013-08-13 22:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-08-13 22:05:36 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-08-13 22:05:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-08-13 22:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-08-13 22:05:24 ----SHD---- C:\Config.Msi
2013-08-13 22:05:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-08-13 22:05:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-08-13 22:04:55 ----A---- C:\WINDOWS\avastSS.scr
2013-07-29 19:33:55 ----D---- C:\WINDOWS\system32\MRT

======List of files/folders modified in the last 1 month======

2013-08-19 22:07:09 ----D---- C:\WINDOWS\Temp
2013-08-19 22:07:09 ----D---- C:\WINDOWS
2013-08-19 21:32:04 ----RD---- C:\Program Files
2013-08-19 21:31:55 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-08-19 21:31:55 ----D---- C:\WINDOWS\system32\CatRoot2
2013-08-19 21:31:32 ----D---- C:\WINDOWS\Prefetch
2013-08-19 16:36:08 ----D---- C:\WINDOWS\system32
2013-08-19 16:34:42 ----D---- C:\WINDOWS\system32\drivers
2013-08-18 16:19:44 ----D---- C:\Documents and Settings\čenda\Data aplikací\vlc
2013-08-16 18:56:28 ----D---- C:\Documents and Settings\čenda\Data aplikací\.minecraft
2013-08-15 20:14:17 ----SHD---- C:\WINDOWS\Installer
2013-08-15 20:14:17 ----HD---- C:\WINDOWS\inf
2013-08-15 20:14:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-08-15 20:12:14 ----D---- C:\Program Files\Common Files
2013-08-15 20:12:13 ----RSD---- C:\WINDOWS\assembly
2013-08-14 22:18:03 ----D---- C:\Documents and Settings\čenda\Data aplikací\DAEMON Tools Lite
2013-08-14 00:01:50 ----D---- C:\WINDOWS\Debug
2013-08-13 22:29:11 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-13 22:12:17 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-13 22:12:16 ----D---- C:\Program Files\Internet Explorer
2013-08-13 22:12:07 ----D---- C:\WINDOWS\ie8updates
2013-08-13 22:09:54 ----A---- C:\WINDOWS\system32\MRT.exe
2013-08-13 22:07:40 ----D---- C:\WINDOWS\WinSxS
2013-08-13 22:07:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-13 22:05:36 ----SD---- C:\WINDOWS\Tasks
2013-08-13 22:04:32 ----D---- C:\Program Files\AVAST Software
2013-08-13 22:04:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-08-13 22:03:59 ----D---- C:\WINDOWS\system32\CatRoot
2013-08-13 01:27:26 ----D---- C:\Documents and Settings
2013-08-13 01:21:42 ----SD---- C:\WINDOWS\system32\Microsoft
2013-08-12 12:22:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-07-26 04:49:00 ----A---- C:\WINDOWS\system32\wininet.dll
2013-07-26 04:48:59 ----N---- C:\WINDOWS\system32\occache.dll
2013-07-26 04:48:59 ----N---- C:\WINDOWS\system32\mstime.dll
2013-07-26 04:48:59 ----N---- C:\WINDOWS\system32\jsproxy.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\urlmon.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\url.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\mshtmled.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\msfeeds.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\licmgr10.dll
2013-07-26 04:48:59 ----A---- C:\WINDOWS\system32\iertutil.dll
2013-07-26 04:48:58 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2013-07-26 04:48:58 ----A---- C:\WINDOWS\system32\iepeers.dll
2013-07-26 04:48:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2013-07-25 21:23:00 ----N---- C:\WINDOWS\system32\ie4uinit.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-13 175176]
R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-13 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-13 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-07-07 218688]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 AR9271;Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw.sys [2011-07-28 1763584]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-21 2843136]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-05-10 6406760]
R3 JSWSCIMD;jswscimd Service; C:\WINDOWS\system32\DRIVERS\jswscimd.sys [2011-03-31 57440]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2011-03-31 58208]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\WINDOWS\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\WINDOWS\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2011-10-12 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2011-10-12 25512]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-06-17 25480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2011-03-31 499796]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-21 512000]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-06-28 182184]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-12-20 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-19 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup; C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe [2011-03-31 360529]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Márty84]

Jeste jeden log a budem mazat.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[kovárna]

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\čenda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 74,62% Memory free
3,85 Gb Paging File | 3,48 Gb Available in Paging File | 90,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 82,03 Gb Free Space | 52,50% Space Free | Partition Type: NTFS
Drive E: | 439,91 Gb Total Space | 253,32 Gb Free Space | 57,58% Space Free | Partition Type: NTFS

Computer Name: DOMA | User Name: čenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.08.20 03:40:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\čenda\Plocha\OTL.exe
PRC - [2013.08.19 21:25:20 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.06.28 14:41:03 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.05.09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.03.31 15:36:54 | 000,499,796 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013.08.19 21:25:19 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.08.19 08:39:48 | 002,094,592 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13081900\algo.dll
MOD - [2007.03.02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2006.08.05 11:34:34 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013.07.19 22:06:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.06.28 14:41:03 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.03.31 15:36:54 | 000,499,796 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2011.03.31 15:36:52 | 000,360,529 | ---- | M] (wireless) [On_Demand | Stopped] -- C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\WPS\jswpsapi.exe -- (jswpsapi)
SRV - [2011.03.16 11:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcombus.sys -- (BTCOMBUS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btcomport.sys -- (BTCOM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - [2013.08.13 22:05:51 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.13 22:05:51 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.13 22:05:51 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 10:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 10:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.10.12 19:55:56 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011.10.12 19:55:56 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2011.07.28 19:06:06 | 001,763,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athuw.sys -- (AR9271)
DRV - [2011.07.07 20:57:45 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.05.10 12:24:24 | 006,406,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.03.31 15:36:52 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2011.03.31 15:36:52 | 000,057,440 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jswscimd.sys -- (JSWSCIMD)
DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.12.18 11:58:52 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.09.24 13:38:42 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2009.09.24 05:40:12 | 000,019,592 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2009.06.17 14:01:42 | 000,025,480 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008.06.16 15:08:42 | 000,109,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.21 05:53:20 | 002,843,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.12.28 18:44:44 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/"
FF - prefs.js..extensions.enabledAddons: jsonview%40brh.numbera.com:0.7
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\čenda\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.08.13 22:05:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.11.27 16:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\čenda\Data aplikací\Mozilla\Extensions
[2013.08.15 11:40:04 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default\extensions
[2012.11.30 16:22:17 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2013.05.02 21:26:03 | 001,976,559 | ---- | M] () (No name found) -- C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default\extensions\ecolo@loic.com.xpi
[2012.11.13 15:24:19 | 000,026,234 | ---- | M] () (No name found) -- C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default\extensions\jsonview@brh.numbera.com.xpi
[2011.07.05 22:58:32 | 000,163,121 | ---- | M] () (No name found) -- C:\Documents and Settings\čenda\Data aplikací\Mozilla\Firefox\Profiles\qepe92gg.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi
[2013.08.19 21:25:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.08.19 21:25:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ÄŤENDA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\QEPE92GG.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ÄŤENDA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\QEPE92GG.DEFAULT\EXTENSIONS\JSONVIEW@BRH.NUMBERA.COM.XPI

O1 HOSTS File: ([2013.08.19 02:57:06 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.10 10.10.11.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72A3D5C1-1863-4902-AD55-74F63AD3352B}: NameServer = 10.10.10.10,10.10.11.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{824585E6-AE20-4D78-A068-0D82F17F580C}: DhcpNameServer = 10.10.10.10 10.10.11.11
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.28 16:15:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.08.20 03:40:04 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\čenda\Plocha\OTL.exe
[2013.08.19 22:07:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\čenda\Recent
[2013.08.19 21:25:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.08.16 19:31:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\čenda\Plocha\RK_Quarantine
[2013.08.14 22:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.08.14 22:16:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.08.13 22:05:41 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.08.13 22:05:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\avast! Free Antivirus
[2013.08.13 22:05:40 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.08.13 22:05:39 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.08.13 22:05:38 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.08.13 22:05:38 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.08.13 22:05:36 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.08.13 22:05:36 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.08.13 22:05:24 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.08.13 22:04:55 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.07.29 19:33:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.07.29 13:07:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\čenda\Plocha\jirka
[2013.07.29 13:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\čenda\Plocha\pro máti
[2013.07.27 14:05:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\čenda\Plocha\povinné
[2013.07.22 22:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\čenda\Plocha\tech
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.08.20 03:44:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.08.20 03:40:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\čenda\Plocha\OTL.exe
[2013.08.20 02:47:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.08.19 22:57:47 | 000,000,466 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{AE4DAD2A-BC71-446D-AE1B-C33F44E32C4E}.job
[2013.08.19 22:05:00 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.08.19 21:32:30 | 000,002,284 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.08.19 21:32:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.08.16 19:24:43 | 000,920,576 | ---- | M] () -- C:\Documents and Settings\čenda\Plocha\RogueKiller.exe
[2013.08.15 20:11:17 | 000,000,032 | ---- | M] () -- C:\WINDOWS\0
[2013.08.15 11:24:48 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\čenda\Plocha\adwcleaner.exe
[2013.08.14 21:19:59 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\čenda\Plocha\RSIT.exe
[2013.08.13 22:07:37 | 000,497,090 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.13 22:07:37 | 000,492,334 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.08.13 22:07:37 | 000,099,764 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.08.13 22:07:37 | 000,085,574 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.13 22:05:51 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.08.13 22:05:51 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.08.13 22:05:51 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.08.13 22:05:51 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.08.13 22:05:51 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.08.13 22:05:51 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.08.13 22:05:36 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.08.12 12:22:56 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.07.26 04:49:00 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013.07.26 04:49:00 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013.07.26 04:48:59 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013.07.26 04:48:59 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.07.26 04:48:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013.07.26 04:48:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013.07.26 04:48:59 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013.07.26 04:48:59 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013.07.26 04:48:59 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.07.26 04:48:59 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013.07.26 04:48:59 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013.07.26 04:48:59 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.07.26 04:48:59 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013.07.26 04:48:59 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013.07.26 04:48:59 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013.07.26 04:48:59 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013.07.26 04:48:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013.07.26 04:48:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.07.26 04:48:59 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013.07.26 04:48:59 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013.07.26 04:48:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013.07.26 04:48:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013.07.26 04:48:58 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.07.26 04:48:58 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.07.26 04:48:58 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013.07.26 04:48:58 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013.07.26 04:48:58 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013.07.26 04:48:58 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013.07.25 21:23:00 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013.07.25 21:23:00 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013.07.25 17:52:59 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.08.20 03:44:18 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.08.16 19:24:43 | 000,920,576 | ---- | C] () -- C:\Documents and Settings\čenda\Plocha\RogueKiller.exe
[2013.08.15 11:24:47 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\čenda\Plocha\adwcleaner.exe
[2013.08.14 22:16:08 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\čenda\Plocha\RSIT.exe
[2013.08.13 22:05:37 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.08.13 22:05:37 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.08.13 22:05:36 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.07.21 18:08:49 | 235,438,080 | ---- | C] () -- C:\Documents and Settings\čenda\Plocha\Průža jedeee.avi
[2013.07.01 18:54:00 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.07.01 18:54:00 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.07.01 18:54:00 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.04.21 00:24:37 | 000,000,060 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2013.04.03 23:41:46 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll
[2013.04.03 23:41:34 | 000,422,000 | ---- | C] () -- C:\WINDOWS\System32\wgapi.dll
[2013.02.11 21:16:46 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.30 20:32:17 | 000,030,716 | ---- | C] () -- C:\Documents and Settings\čenda\Local Settings\Data aplikací\SRDownloader.err
[2013.01.30 12:00:43 | 000,001,104 | ---- | C] () -- C:\Documents and Settings\čenda\Local Settings\Data aplikací\SRDownloader.nast
[2012.11.27 16:31:53 | 000,426,886 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-746137067-602162358-682003330-1003-0.dat
[2012.11.27 16:31:53 | 000,272,022 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.04.10 21:01:14 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\čenda\Local Settings\Data aplikací\WebpageIcons.db
[2012.03.15 17:32:07 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012.02.16 22:35:50 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.10.11 15:42:05 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2011.07.06 11:43:58 | 000,037,376 | ---- | C] () -- C:\Documents and Settings\čenda\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.04 20:32:42 | 000,000,460 | RHS- | C] () -- C:\Documents and Settings\čenda\ntuser.pol
[2011.06.29 15:41:40 | 002,313,072 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\bdinstall.bin

========== ZeroAccess Check ==========

[2011.06.28 19:30:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.08.13 22:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.07.22 20:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2011.08.24 13:31:49 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.04.21 00:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ConMet
[2011.07.07 20:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.07.05 22:48:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DFX
[2011.12.15 23:25:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Dumps
[2011.07.07 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2011.07.07 21:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2012.11.25 14:53:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GARMIN
[2012.10.07 15:21:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2013.05.08 04:56:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2012.11.25 14:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.10.11 15:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2013.04.04 00:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
[2011.09.05 21:10:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\QuickScan
[2011.09.11 19:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\QuickScan
[2013.08.16 18:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\.minecraft
[2012.07.13 16:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\avv
[2011.07.22 20:21:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Canneverbe Limited
[2011.10.11 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Canon
[2013.08.14 22:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\DAEMON Tools Lite
[2012.11.25 14:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Garmin
[2011.07.05 22:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\HDRsoft
[2011.07.16 22:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Jpeg Resampler
[2013.05.22 09:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\LangSoft
[2012.11.25 14:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\PC Suite
[2011.06.29 15:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\QuickScan
[2011.10.11 15:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\ScanSoft
[2013.04.04 01:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\TP-LINK
[2013.03.23 08:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Unity
[2012.07.13 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Updatem
[2013.05.08 05:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\uTorrent
[2011.07.03 21:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Yamicsoft
[2011.07.05 23:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2011.06.28 16:13:44 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.06.28 16:21:27 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.01.26 22:23:43 | 000,000,466 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{AE4DAD2A-BC71-446D-AE1B-C33F44E32C4E}.job
[2012.03.31 20:44:49 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.08.13 22:05:36 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: AGP440.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 17:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.04 00:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 17:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 17:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 17:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.04 00:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 17:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2011.07.03 15:46:02 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 18:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 17:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.04 01:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 17:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 17:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 17:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 17:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.04 01:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 17:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 17:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 17:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.08.16 18:56:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\.minecraft
[2011.07.03 00:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Adobe
[2011.06.28 19:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\ATI
[2012.07.13 16:35:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\avv
[2011.07.22 20:21:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Canneverbe Limited
[2011.10.11 15:44:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Canon
[2013.08.14 22:18:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\DAEMON Tools Lite
[2012.11.25 14:55:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Garmin
[2011.07.05 22:52:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\HDRsoft
[2011.06.28 16:22:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Identities
[2011.06.28 19:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\InstallShield
[2011.07.16 22:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Jpeg Resampler
[2013.05.22 09:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\LangSoft
[2011.06.28 21:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Macromedia
[2011.09.22 23:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Malwarebytes
[2013.04.04 17:39:27 | 000,000,000 | --SD | M] -- C:\Documents and Settings\čenda\Data aplikací\Microsoft
[2011.06.28 21:18:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Mozilla
[2012.11.25 14:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\PC Suite
[2011.06.29 15:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\QuickScan
[2011.10.11 15:42:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\ScanSoft
[2011.07.16 23:19:56 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\čenda\Data aplikací\SecuROM
[2011.07.06 13:00:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Sun
[2013.04.04 01:19:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\TP-LINK
[2013.03.23 08:41:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Unity
[2012.07.13 16:35:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Updatem
[2013.05.08 05:07:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\uTorrent
[2013.08.18 16:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\vlc
[2011.07.03 21:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Yamicsoft
[2011.07.05 23:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\čenda\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2012.07.13 16:35:03 | 087,604,152 | -H-- | M] () -- C:\Documents and Settings\čenda\Data aplikací\avv\setup_ais.exe
[2011.06.28 19:32:13 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe
[2011.07.03 21:52:35 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\ClearMem.exe
[2011.07.03 21:52:35 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\ClickCleaner.exe
[2011.07.03 21:52:36 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\ContextMenuManager.exe
[2011.07.03 21:52:35 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\DesktopCleaner.exe
[2011.07.03 21:52:35 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\DiskAnalyzer.exe
[2011.07.03 21:52:35 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\DuplicateFilesFinder.exe
[2011.07.03 21:52:35 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\FileSecurity.exe
[2011.07.03 21:52:35 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\FileSplitter.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\IconManager.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\IEManager.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\JunkFileCleaner.exe
[2011.07.03 21:52:36 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\LiveUpdate.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\OptimizationWizard.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\PrivacyProtector.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\ProcessManager.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\RegistryCleaner.exe
[2011.07.03 21:52:36 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\RegistryDefrag.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\RepairCenter.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\RunShortcutCreator.exe
[2011.07.03 21:52:36 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\ServiceManager.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\Shutdown.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\StartupManager.exe
[2011.07.03 21:52:36 | 000,014,534 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\SystemFolder_msiexec.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\SystemInfo.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\Uninstaller.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\WallpaperChanger.exe
[2011.07.03 21:52:36 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Microsoft\Installer\{D052CF28-055B-4822-BCCF-1C13CF8236AF}\WinXP_Manager.exe
[2012.07.13 16:35:21 | 000,131,072 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\crashreporter.exe
[2012.07.13 16:35:21 | 000,856,064 | ---- | M] (Netscape Communications Corporation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\js.exe
[2012.07.13 16:35:21 | 000,253,952 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\updater.exe
[2012.07.13 16:35:21 | 000,023,552 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\xpcshell.exe
[2012.07.13 16:35:21 | 000,323,584 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\xpidl.exe
[2012.07.13 16:35:21 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\xpt_dump.exe
[2012.07.13 16:35:21 | 000,017,920 | ---- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\xpt_link.exe
[2012.07.13 16:35:21 | 000,122,880 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\xulrunner-stub.exe
[2012.07.13 16:35:21 | 000,106,496 | ---- | M] (Mozilla Foundation) -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\xulrunner.exe
[2012.07.13 16:35:21 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\čenda\Data aplikací\Updatem\update_days\zupdate.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.06.28 18:02:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.06.28 18:02:19 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.06.28 18:02:19 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.08.19 21:32:30 | 000,002,284 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.08.20 03:44:18 | 000,000,512 | ---- | M] () MD5=F5949DEA3E4804767F12317F052240DF -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

[kovárna]

< *loader* /s >
[2012.02.11 19:52:37 | 000,001,044 | ---- | M] () -- \Documents and Settings\čenda\Data aplikací\.minecraft\ModLoader.txt
[2012.02.11 19:52:23 | 000,001,198 | ---- | M] () -- \Documents and Settings\čenda\Data aplikací\.minecraft\config\ModLoader.cfg
[2011.07.18 01:39:12 | 000,074,494 | ---- | M] () -- \Documents and Settings\čenda\Data aplikací\.minecraft\mods\ModLoader.zip
[2012.07.13 16:35:22 | 000,002,713 | ---- | M] () -- \Documents and Settings\čenda\Data aplikací\Updatem\update_days\components\uriloader.xpt
[2013.02.11 01:12:32 | 000,030,716 | ---- | M] () -- \Documents and Settings\čenda\Local Settings\Data aplikací\SRDownloader.err
[2013.05.08 03:40:37 | 000,001,104 | ---- | M] () -- \Documents and Settings\čenda\Local Settings\Data aplikací\SRDownloader.nast
[2013.01.30 18:57:27 | 000,000,383 | ---- | M] () -- \Documents and Settings\čenda\Plocha\Zástupce - SRDownloader.exe.lnk
[2012.09.18 13:35:42 | 000,058,880 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\Binaries\Win32\PhysXLoader.dll
[2012.11.20 12:36:18 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBadass.DEU
[2012.11.20 12:36:17 | 000,000,916 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderBUL.DEU
[2012.11.20 12:36:17 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderEXP.DEU
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderGUN.DEU
[2012.11.20 12:36:08 | 000,000,916 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderHOT.DEU
[2012.11.20 12:36:24 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderJET.DEU
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderPWR.DEU
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_LoaderRPG.DEU
[2012.11.20 12:36:18 | 000,002,656 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\DEU\GD_Iris_Population_Loader.DEU
[2012.11.20 12:36:18 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBadass.ESN
[2012.11.20 12:36:18 | 000,000,852 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderBUL.ESN
[2012.11.20 12:36:17 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderEXP.ESN
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderGUN.ESN
[2012.11.20 12:36:28 | 000,000,852 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderHOT.ESN
[2012.11.20 12:36:24 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderJET.ESN
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderPWR.ESN
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_LoaderRPG.ESN
[2012.11.20 12:36:12 | 000,002,868 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ESN\GD_Iris_Population_Loader.ESN
[2012.11.20 12:36:18 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBadass.FRA
[2012.11.20 12:36:13 | 000,000,876 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderBUL.FRA
[2012.11.20 12:36:17 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderEXP.FRA
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderGUN.FRA
[2012.11.20 12:36:19 | 000,000,876 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderHOT.FRA
[2012.11.20 12:36:24 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderJET.FRA
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderPWR.FRA
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_LoaderRPG.FRA
[2012.11.20 12:36:13 | 000,002,706 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\FRA\GD_Iris_Population_Loader.FRA
[2012.11.20 12:36:18 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBadass.ITA
[2012.11.20 12:36:20 | 000,000,856 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderBUL.ITA
[2012.11.20 12:36:17 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderEXP.ITA
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderGUN.ITA
[2012.11.20 12:38:01 | 000,000,856 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderHOT.ITA
[2012.11.20 12:36:24 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderJET.ITA
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderPWR.ITA
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_LoaderRPG.ITA
[2012.11.20 12:36:15 | 000,002,754 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\ITA\GD_Iris_Population_Loader.ITA
[2012.11.20 12:36:18 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBadass.JPN
[2012.11.20 12:36:15 | 000,000,748 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderBUL.JPN
[2012.11.20 12:36:17 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderEXP.JPN
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderGUN.JPN
[2012.11.20 12:36:33 | 000,000,748 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderHOT.JPN
[2012.11.20 12:36:24 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderJET.JPN
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderPWR.JPN
[2012.11.20 12:36:08 | 000,000,222 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_LoaderRPG.JPN
[2012.11.20 12:36:22 | 000,002,636 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Iris\Compat\Localization\JPN\GD_Iris_Population_Loader.JPN
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBadass.DEU
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBoss.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderBUL.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderEXP.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderGUN.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderHOT.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderION.DEU
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderJunk.DEU
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPirate.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderPWR.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderRPG.DEU
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_LoaderWAR.DEU
[2012.10.14 12:53:22 | 000,004,418 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_Loader.DEU
[2012.10.14 12:53:22 | 000,000,216 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\DEU\GD_Orchid_Pop_LoaderBoss.DEU
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBadass.ESN
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBoss.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderBUL.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderEXP.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderGUN.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderHOT.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderION.ESN
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderJunk.ESN
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPirate.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderPWR.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderRPG.ESN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_LoaderWAR.ESN
[2012.10.14 12:53:22 | 000,004,550 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_Loader.ESN
[2012.10.14 12:53:22 | 000,000,216 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ESN\GD_Orchid_Pop_LoaderBoss.ESN
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBadass.FRA
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBoss.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderBUL.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderEXP.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderGUN.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderHOT.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderION.FRA
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderJunk.FRA
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPirate.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderPWR.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderRPG.FRA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_LoaderWAR.FRA
[2012.10.14 12:53:22 | 000,004,486 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_Loader.FRA
[2012.10.14 12:53:22 | 000,000,216 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\FRA\GD_Orchid_Pop_LoaderBoss.FRA
[2012.11.14 23:10:12 | 000,004,418 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\INT\GD_Orchid_Pop_Loader.int
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBadass.ITA
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBoss.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderBUL.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderEXP.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderGUN.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderHOT.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderION.ITA
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderJunk.ITA
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPirate.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderPWR.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderRPG.ITA
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_LoaderWAR.ITA
[2012.10.14 12:53:22 | 000,004,558 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_Loader.ITA
[2012.10.14 12:53:22 | 000,000,216 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\ITA\GD_Orchid_Pop_LoaderBoss.ITA
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBadass.JPN
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBoss.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderBUL.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderEXP.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderGUN.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderHOT.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderION.JPN
[2012.10.14 12:53:22 | 000,000,228 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderJunk.JPN
[2012.10.14 12:53:22 | 000,000,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPirate.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderPWR.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderRPG.JPN
[2012.10.14 12:53:22 | 000,000,226 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_LoaderWAR.JPN
[2012.10.14 12:53:22 | 000,004,418 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_Loader.JPN
[2012.10.14 12:53:22 | 000,000,216 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\DLC\Orchid\Compat\Localization\JPN\GD_Orchid_Pop_LoaderBoss.JPN
[2012.09.18 13:35:42 | 003,465,909 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\CookedPCConsole\Boss_Cliffs_CombatLoader.upk
[2012.09.18 13:35:42 | 000,032,232 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\CookedPCConsole\Loader.upk
[2012.09.18 13:35:42 | 000,001,140 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_BigLoaderTurret.DEU
[2012.09.18 13:35:42 | 000,000,504 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_LootMidget_LoaderGUN.DEU
[2012.09.18 13:35:42 | 000,009,492 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\DEU\GD_Population_Loader.DEU
[2012.09.18 13:35:42 | 000,001,072 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_BigLoaderTurret.ESN
[2012.09.18 13:35:42 | 000,000,518 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_LootMidget_LoaderGUN.ESN
[2012.09.18 13:35:42 | 000,009,746 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\ESN\GD_Population_Loader.ESN
[2012.09.18 13:35:42 | 000,001,098 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_BigLoaderTurret.FRA
[2012.09.18 13:35:42 | 000,000,514 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_LootMidget_LoaderGUN.FRA
[2012.09.18 13:35:42 | 000,009,610 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\FRA\GD_Population_Loader.FRA
[2012.10.15 23:45:00 | 000,001,038 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\INT\GD_BigLoaderTurret.int
[2012.10.17 01:02:04 | 000,000,502 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\INT\GD_LootMidget_LoaderGUN.int
[2012.10.28 17:04:20 | 000,009,468 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\INT\GD_Population_Loader.int
[2012.09.18 13:35:42 | 000,001,068 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_BigLoaderTurret.ITA
[2012.09.18 13:35:42 | 000,000,530 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_LootMidget_LoaderGUN.ITA
[2012.09.18 13:35:42 | 000,009,798 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\ITA\GD_Population_Loader.ITA
[2012.09.18 13:35:42 | 000,000,946 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_BigLoaderTurret.JPN
[2012.09.18 13:35:42 | 000,000,502 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_LootMidget_LoaderGUN.JPN
[2012.09.18 13:35:42 | 000,009,486 | ---- | M] () -- \Program Files\2K Games\Borderlands 2\WillowGame\Localization\JPN\GD_Population_Loader.JPN
[2011.01.10 20:53:39 | 000,000,673 | ---- | M] () -- \Program Files\Common Files\BitDefender\SetupInformation\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\skin\default\images\loader.gif
[2011.01.10 20:53:40 | 000,000,917 | ---- | M] () -- \Program Files\Common Files\BitDefender\SetupInformation\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\skin\default\images\loader_paused.gif
[2010.11.30 07:13:29 | 000,001,849 | ---- | M] () -- \Program Files\Common Files\BitDefender\SetupInformation\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\skin\images\common\loader.gif
[2010.11.30 07:13:27 | 000,002,545 | ---- | M] () -- \Program Files\Common Files\BitDefender\SetupInformation\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\skin\images\miscelaneous\loader.gif
[2010.11.30 07:13:27 | 000,003,208 | ---- | M] () -- \Program Files\Common Files\BitDefender\SetupInformation\{B6CA7A3C-35FD-401F-9335-FFFD2BCD5FF3}\skin\images\miscelaneous\loader2.gif
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2012.03.16 13:43:12 | 000,071,008 | ---- | M] () -- \Program Files\Farming Simulator 2013\PhysXLoader.dll
[2012.06.20 09:41:10 | 000,032,896 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderBalefork.dds
[2012.06.20 09:41:12 | 000,032,896 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderPalletfork.dds
[2012.06.20 09:41:12 | 000,032,896 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderShovel.dds
[2012.06.29 13:34:10 | 000,032,896 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\store_deutzFrontloaderSilageFork.dds
[2012.08.28 19:26:56 | 000,032,896 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\store_wheelloader.dds
[2012.09.24 15:56:50 | 003,160,381 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.i3d
[2012.10.08 09:22:40 | 000,008,582 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.xml
[2012.03.16 13:41:22 | 000,696,448 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_diffuse.dds
[2012.03.16 13:41:16 | 000,174,904 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_normal.dds
[2012.03.16 13:41:20 | 000,174,904 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_specular.dds
[2012.09.24 15:56:50 | 000,088,703 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.i3d
[2012.10.08 09:22:40 | 000,000,854 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.xml
[2012.09.24 15:56:50 | 000,105,847 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.i3d
[2012.10.08 09:22:40 | 000,000,857 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.xml
[2012.09.13 12:40:40 | 000,094,161 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderShovel.i3d
[2012.10.09 10:31:26 | 000,003,040 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderShovel.xml
[2012.10.10 09:53:36 | 000,262,878 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderSilageFork.i3d
[2012.10.10 09:53:36 | 000,002,966 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\deutz\deutzFrontloaderSilageFork.xml
[2012.10.09 14:59:10 | 002,654,362 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader.i3d
[2012.10.09 14:59:10 | 000,010,051 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader.xml
[2012.09.03 09:19:44 | 000,134,236 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderIdle.wav
[2012.09.03 09:19:44 | 000,080,314 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderStart.wav
[2012.09.24 15:56:06 | 000,059,542 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderStop.wav
[2012.08.27 16:42:48 | 000,699,192 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderWheel_diffuse.dds
[2012.08.27 16:21:24 | 000,699,192 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderWheel_normal.dds
[2012.08.27 16:20:56 | 000,043,832 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoaderWheel_specular.dds
[2012.08.27 16:20:26 | 002,796,344 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_diffuse.dds
[2012.08.27 16:19:24 | 002,796,344 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_normal.dds
[2012.09.03 09:19:44 | 000,188,618 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_run.wav
[2012.08.27 16:18:20 | 000,174,904 | ---- | M] () -- \Program Files\Farming Simulator 2013\data\vehicles\steerable\lizard\wheelLoader_specular.dds
[2010.12.14 10:54:22 | 000,166,400 | ---- | M] () -- \Program Files\Fotolab\Fotolab Fotosvet 4\CWImageLoader0.dll
[2012.06.08 19:07:02 | 000,064,352 | ---- | M] () -- \Program Files\Kalypso\Bang Bang Racing\PhysXLoader.dll
[2010.08.27 19:43:08 | 000,071,008 | ---- | M] () -- \Program Files\Mafia II\pc\PhysXLoader.dll
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2009.09.14 22:48:10 | 000,070,936 | ---- | M] () -- \Program Files\R.G. Catalyst\Borderlands\Binaries\PhysXLocal\PhysXLoader.dll
[2010.09.30 13:42:45 | 000,137,521 | ---- | M] () -- \Program Files\R.G. Catalyst\Borderlands\WillowGame\CookedPC\Maps\Loader.umap
[2012.06.19 21:45:20 | 000,001,702 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\licenses\loaderbinarylegal.txt
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.03.08 18:10:08 | 000,670,208 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2011.05.31 10:46:24 | 000,685,568 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 15:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 18:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 15:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2011.06.08 15:20:02 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\8bfLoader.exe
[2011.06.08 15:20:16 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\WICLoader.exe
[2004.08.17 17:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2011.06.29 15:57:26 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.09.19 14:12:26 | 000,026,761 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\plugins\com.serialio.win32.x86_2.10.2.0.jar
[2012.06.19 21:45:21 | 000,049,527 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\plugins\com.serialio_2.12.7.29.jar
[2012.06.19 21:45:40 | 000,006,316 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\plugins\com.sonyericsson.cs.serialcommunication_2.12.7.29.jar
[2011.10.12 19:56:13 | 000,057,344 | ---- | M] () -- \Program Files\Sony Ericsson\Update Service\usconfiguration\org.eclipse.osgi\bundles\9\1\.cp\lib\serialio.dll
[2004.08.17 17:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2013.08.13 22:04:40 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.11 00:39:05 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.13 22:23:34 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.13 22:22:02 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2013.08.13 22:25:04 | 002,646,528 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\332407a3f224f388f70120d33cb872d5\System.Runtime.Serialization.ni.dll
[2013.08.13 22:24:43 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.11.28 01:20:00 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.08.13 22:07:57 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.11.28 01:20:00 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.08.13 22:07:55 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 04:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 14:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

[kovárna]

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\čenda\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,49 Gb Available Physical Memory | 74,62% Memory free
3,85 Gb Paging File | 3,48 Gb Available in Paging File | 90,38% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 156,25 Gb Total Space | 82,03 Gb Free Space | 52,50% Space Free | Partition Type: NTFS
Drive E: | 439,91 Gb Total Space | 253,32 Gb Free Space | 57,58% Space Free | Partition Type: NTFS

Computer Name: DOMA | User Name: čenda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotolab Fotosvet 4] -- "C:\Program Files\Fotolab\Fotolab Fotosvet 4\Fotolab Fotosvet 4.exe" "%1" ()
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Internet Explorer\IEXPLORE.EXE" = C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2 -- (Crytek GmbH)
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe" = C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service -- ()
"E:\Mass Effect 3\Binaries\Win32\MassEffect3.exe" = E:\Mass Effect 3\Binaries\Win32\MassEffect3.exe:*:Enabled:Mass Effect™ 3
"C:\Program Files\R.G. Catalyst\Borderlands\Binaries\Borderlands.exe" = C:\Program Files\R.G. Catalyst\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\Borderlands 2\Binaries\Win32\Borderlands2.exe" = C:\Program Files\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2
"C:\Program Files\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe" = C:\Program Files\2K Games\Borderlands 2\Binaries\Win32\Borderlands2.exe:*:Enabled:Borderlands 2 -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Farming Simulator 2013\FarmingSimulator2013.exe" = C:\Program Files\Farming Simulator 2013\FarmingSimulator2013.exe:*:Enabled:Farming Simulator 2013 -- (GIANTS Software GmbH)
"C:\Program Files\Farming Simulator 2013\FarmingSimulator2013Game.exe" = C:\Program Files\Farming Simulator 2013\FarmingSimulator2013Game.exe:*:Enabled:Farming Simulator 2013 -- (GIANTS Software GmbH)
"C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe:*:Enabled:TP-LINK Wireless Configuration Utility -- ()
"E:\utorrent-setup\utorrent.exe" = E:\utorrent-setup\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{072A1145-79D5-4BEB-4D8A-59CCB7CB31AE}" = Catalyst Control Center Graphics Full Existing
"{097CF8DE-C007-F3C5-2A80-C1AD2A9D7EFB}" = Catalyst Control Center Graphics Previews Common
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E5E5B46-61B6-3FF3-5C7C-87F1AC00568E}" = CCC Help Czech
"{0F200FB1-B904-1820-0EEA-15C458B575B3}" = CCC Help Portuguese
"{145C6099-E682-AFBB-4E4C-2FE72333E2FB}" = CCC Help Hungarian
"{15A0B9F3-DCE9-42D8-0F81-A03C0BF9BB3B}" = CCC Help Norwegian
"{19A84EB1-D85B-BB4F-0030-B7E2BC1ACB6F}" = Catalyst Control Center Localization Dutch
"{1BF4CB7A-85C6-0480-30D9-C8F711C9D99E}" = Catalyst Control Center Localization Chinese Traditional
"{1E105942-593C-4C48-AB3D-BEC2124F5FCE}" = Garmin City Navigator Europe NT 2008
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2034E9E2-60F5-A335-363F-9FA9B0864FBA}" = CCC Help Chinese Standard
"{233EE11F-A04C-B612-AEDF-16A312986113}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK Wireless Configuration Utility
"{3405EF6E-6E68-AF1A-A165-4832ADA3221E}" = Catalyst Control Center Localization Finnish
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{354DC3BC-A17F-E931-E696-E57EF0BF39B1}" = CCC Help Japanese
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TP-LINK TL-WN721N/TL-WN722N Driver
"{39BBA37B-E375-4977-6EC2-9FB182A18CD1}" = Catalyst Control Center Localization Russian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CFC1E5C-52C5-F564-BBBD-A791A0ED2868}" = CCC Help Swedish
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}" = ATI HYDRAVISION
"{40A77C5E-831D-53B7-6DD6-049390E99737}" = CCC Help Turkish
"{43673268-252B-10C5-A96B-BD766CECF1BC}" = Catalyst Control Center Localization Korean
"{43B7C43F-406C-4DE5-DCC5-6712A09890D1}" = Catalyst Control Center Localization Danish
"{4517BAE4-D4F2-3A21-38F7-8E4D798515E3}" = Catalyst Control Center Localization Norwegian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B0F42ED-C1AA-1EE3-694C-B338B60D202A}" = Catalyst Control Center Localization German
"{4DE8C2BD-F830-CB44-3C55-FC77DE3FDB80}" = CCC Help German
"{4FAF0223-13C2-E94B-6E9E-D5807EFE8589}" = CCC Help Korean
"{51007CF9-CB4C-265B-D62A-FF6BFD327ABA}" = Catalyst Control Center Localization Polish
"{526AAE17-8067-9BF2-C56B-EE8CEED32254}" = CCC Help Polish
"{56BA64AD-C2DF-9C71-E521-F87A2D335F57}" = Catalyst Control Center Localization French
"{57A17677-2064-D213-F2C0-37874112BCE8}" = ccc-utility
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{785A16DC-26B7-3184-D5F7-4186C90F77B9}" = Catalyst Control Center Localization Chinese Standard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{849A20E0-8A09-45F9-BE58-4DAE823E8CE4}" = Catalyst Control Center Localization Czech
"{85785A25-4ED5-1CDF-24BF-4AD32FFDCD3D}" = Catalyst Control Center Localization Turkish
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{93693EB3-E1E9-BC11-76D9-E03BF7338FC9}" = CCC Help Greek
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{9541B99F-5A88-9C02-6424-F17883E907A9}" = Catalyst Control Center Localization Spanish
"{973DFE07-93EE-4EC0-73B2-1E9B1EB1B46D}" = CCC Help Danish
"{97B2C4BB-08B1-6092-0F67-62AFA077444C}" = CCC Help Russian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A70FF5D5-D3A5-27EF-9751-3280710AFB9C}" = Skins
"{A958AD7D-A598-A2B6-CB71-19033DAD6730}" = Catalyst Control Center Localization Swedish
"{A9F95496-FA05-9808-2A6A-850D7CD6513A}" = CCC Help Thai
"{AAFEE577-C6AE-AB27-479D-592E2A74DBCE}" = Catalyst Control Center Localization Greek
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{B18A9215-5C66-C719-F861-2491E0726B78}" = CCC Help Spanish
"{B41B9D4A-42D5-F51F-4F9A-626D9A06CB4C}" = ccc-core-preinstall
"{B9A5D708-5F66-1B3D-A2D5-4A6E24BF32F7}" = CCC Help Chinese Traditional
"{BB10A37C-4BFB-BC3D-2CE4-72895A56FFAA}" = Catalyst Control Center Localization Hungarian
"{BCB4C18A-ACA6-4383-8688-E19933A705DD}" = Microsoft SOAP Toolkit 3.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C12C6589-32A4-2D8E-C8D5-C85CCF40157F}" = ccc-core-static
"{C1609713-CAE7-9D05-46C5-97CF48ECE7E7}" = Catalyst Control Center Localization Japanese
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C40B3988-1BF3-12FD-10AC-F708BF1C5CFC}" = Catalyst Control Center Core Implementation
"{C876E6DA-EC76-B2EC-6E09-3A7E00233750}" = CCC Help Italian
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CAEFCB7D-C290-57B2-D10D-E3DDBA524232}" = CCC Help Finnish
"{CC93120F-55BA-2E8A-C3B6-982B57600A89}" = Catalyst Control Center Localization Portuguese
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D052CF28-055B-4822-BCCF-1C13CF8236AF}" = WinXP Manager
"{D72C29C6-8476-B58D-9453-6D0FCD7FF481}" = Catalyst Control Center Graphics Full New
"{DD9E5033-7C22-4665-2232-1F8E5BB3B450}" = Catalyst Control Center Localization Thai
"{E4ABEF81-DE3D-DF19-BC99-BC34E2BD16B3}" = CCC Help Dutch
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{ED3948D4-05E9-A37B-1D52-2466AEA87F5E}" = Catalyst Control Center Localization Italian
"{EF4A88E7-AB69-EB25-2920-0F46F27D0DB2}" = CCC Help French
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5F16F97-9094-02B8-2BF0-F03E67C4E55C}" = CCC Help English
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3FA1705966809259F916AF817C59B4F389F4572C" = Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Bang Bang Racing_is1" = Bang Bang Racing
"Borderlands 2_is1" = Borderlands 2
"'Borderlands'_is1" = 'Borderlands' (v.1.4)
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FarmingSimulator2013CZ_is1" = Farming Simulator 2013
"Fotolab Fotosvet 4" = Fotolab Fotosvet 4
"ie8" = Windows Internet Explorer 8
"JpegResampler2010_is1" = Jpeg Resampler Vs 6+
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 23.0.1 (x86 cs)" = Mozilla Firefox 23.0.1 (x86 cs)
"MP Navigator 3.0" = Canon MP Navigator 3.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"PhotomatixPro4.0x32_is1" = Photomatix Pro version 4.0.2
"rajče.net_is1" = rajče průvodce verze 1.59.40.255
"Unlocker" = Unlocker 1.9.0
"Update Service" = Sony Ericsson Update Service
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.7
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.7.2013 16:19:34 | Computer Name = DOMA | Source = Application Error | ID = 1000
Description = Chybující aplikace avast.setup, verze 8.0.1489.300, chybující modul
msvcrt.dll, verze 7.0.2600.5512, adresa chyby 0x00037e9f.

Error - 3.7.2013 19:10:31 | Computer Name = DOMA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 3.7.2013 19:10:31 | Computer Name = DOMA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 3.7.2013 19:10:31 | Computer Name = DOMA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 3.7.2013 19:10:31 | Computer Name = DOMA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 4.7.2013 9:51:09 | Computer Name = DOMA | Source = MsiInstaller | ID = 1013
Description = Product: 8-in-Right -- This installation cannot be run by directly
launching the MSI package. You must run setup.exe.

Error - 12.8.2013 19:24:08 | Computer Name = DOMA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 12.8.2013 19:24:08 | Computer Name = DOMA | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 12.8.2013 19:27:38 | Computer Name = DOMA | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 12.8.2013 19:27:38 | Computer Name = DOMA | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

[ System Events ]
Error - 12.8.2013 19:28:42 | Computer Name = DOMA | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 12.8.2013 19:28:42 | Computer Name = DOMA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL
sp_rsdrv2
Tcpip

Error - 15.8.2013 5:42:23 | Computer Name = DOMA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 15.8.2013 5:42:23 | Computer Name = DOMA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 15.8.2013 5:42:23 | Computer Name = DOMA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 15.8.2013 5:42:23 | Computer Name = DOMA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 15.8.2013 5:42:26 | Computer Name = DOMA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 15.8.2013 5:42:26 | Computer Name = DOMA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 15 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 15.8.2013 5:42:28 | Computer Name = DOMA | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 15.8.2013 5:42:28 | Computer Name = DOMA | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.


< End of report >

[Márty84]

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
JavaQuickStarterService
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{AE4DAD2A-BC71-446D-AE1B-C33F44E32C4E}.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O3 - HKU\S-1-5-21-746137067-602162358-682003330-1003\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[kovárna]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33244 bytes

User: čenda
->Temp folder emptied: 72192 bytes
->Temporary Internet Files folder emptied: 5357813 bytes
->Java cache emptied: 96677 bytes
->FireFox cache emptied: 441656836 bytes
->Flash cache emptied: 2051 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 483 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 9228570 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 437,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: čenda
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\User_Feed_Synchronization-{AE4DAD2A-BC71-446D-AE1B-C33F44E32C4E}.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-746137067-602162358-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-746137067-602162358-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-746137067-602162358-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\S-1-5-21-746137067-602162358-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP120.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP138.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A2.tmp\PresentationFontCache.exe deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP239.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP285.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4DE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP689.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP73.tmp\System.Printing.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP73.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75.tmp\System.Workflow.Activities.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP75.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{BFC32E1D-EE75-4A48-BC60-104E11EE2431} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFC32E1D-EE75-4A48-BC60-104E11EE2431}\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08202013_120117

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[kovárna]

PC je na tom dobře,nečekal jsem,že to bude tolik práce... Takže Vám chci moc poděkovat za rady a čas
A měl jsem tam něco nebezpečného? A proč jsem měl odinstalovat Spyw. Terminátora,dělá nějaké problémy?
A měl bych k antiviru přidat ještě nějakou ochranu,třeba nějaký osob. firewall?
Díky za odpověd

[Márty84]

To jsem rad Nemate zac!

Byl tam nejaky ten smejd. Terminator by mohl byt v kolizi s Avastem.
Jelikoz v XP je firewall dost mizerny, hodil by se nejaky jiny. Jinak Avast vetsinou staci. Zadny AV ale neni 100%

Muzem to tedy uzavrit? Nebo mate jeste dotaz?

[kovárna]

Můžeme to uzavřít,díky a mějte se

[Márty84]

OK Nemate zac!

Taky se mejte a treba zase nekdy