Please check my log

#1 Post by kocab22 »

Hi, my girlfriend's computer is completely bogged down. It does have an antivirus, but I think there are some nasties in there anyway, because the PC is almost unusable. :shock: Please check it. Thanks a lot! Btw, the log itself took rather long to generate, on the order of minutes :shock:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Terezka at 2013-09-14 15:47:18
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (7%) free of 73 GB
Total RAM: 2039 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:31, on 14.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Users\Terezka\AppData\Roaming\Betcat\WebCakeDesktop.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Terezka\Downloads\RSIT.exe
C:\Program Files\trend micro\Terezka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?babsrc=HP_ ... l&tsp=4936
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: CrossriderApp0034362 - {11111111-1111-1111-1111-110311431162} - C:\Program Files\HDvid Codec V1\HDvid Codec V1-bho.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files\WebCake\WebCakeIEClient.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Terezka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WebCake Desktop] C:\Users\Terezka\AppData\Roaming\Betcat\WebCakeDesktop.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ChannelRg - Unknown owner - C:\Program Files\Common Files\GoldenSoft\ChannelRg.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 10206 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003UA.job
C:\Windows\tasks\HDvid Codec V1-codedownloader.job
C:\Windows\tasks\HDvid Codec V1-enabler.job
C:\Windows\tasks\HDvid Codec V1-updater.job
C:\Windows\tasks\ROC_REG_JAN_DELETE.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Terezka\AppData\Roaming\Mozilla\Firefox\Profiles\n08rtaji.default-1374560494266

"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npFoxitReaderPlugin.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
Mp3Tube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}]
HDvid Codec V1 - C:\Program Files\HDvid Codec V1\HDvid Codec V1-bho.dll [2013-07-07 748032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}]
WebCake - C:\Program Files\WebCake\WebCakeIEClient.dll [2013-06-21 197912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-11-08 7862816]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2013-08-15 4411440]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]
"Google Update"=C:\Users\Terezka\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 116648]
"WebCake Desktop"=C:\Users\Terezka\AppData\Roaming\Betcat\WebCakeDesktop.exe [2013-08-11 52504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AML Registry Cleaner]
C:\Program Files\AML Products\Registry Cleaner\regclean.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-01-11 1230704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"SENTINEL"=snti386.dll
"vidc.tscc"=tsccvid.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-09-14 15:47:18 ----D---- C:\rsit
2013-09-14 15:47:18 ----D---- C:\Program Files\trend micro
2013-09-10 01:34:48 ----A---- C:\Windows\system32\drivers\avgidsshimx.sys
2013-09-07 11:44:07 ----A---- C:\Windows\system32\vbscript.dll
2013-09-07 11:44:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-07 11:44:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-07 11:44:05 ----A---- C:\Windows\system32\ieui.dll
2013-09-07 11:44:04 ----A---- C:\Windows\system32\wininet.dll
2013-09-07 11:44:04 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-07 11:44:04 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-07 11:44:03 ----A---- C:\Windows\system32\jscript.dll
2013-09-07 11:44:02 ----A---- C:\Windows\system32\url.dll
2013-09-07 11:44:02 ----A---- C:\Windows\system32\jscript9.dll
2013-09-07 11:44:02 ----A---- C:\Windows\system32\iertutil.dll
2013-09-07 11:44:00 ----A---- C:\Windows\system32\urlmon.dll
2013-09-07 11:43:59 ----A---- C:\Windows\system32\ieframe.dll
2013-09-07 11:43:57 ----A---- C:\Windows\system32\mshtml.dll
2013-09-07 11:34:42 ----D---- C:\Windows\system32\MRT
2013-09-07 11:11:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-09-07 11:11:16 ----A---- C:\Windows\system32\certutil.exe
2013-09-07 11:11:14 ----A---- C:\Windows\system32\certenc.dll
2013-09-07 11:11:06 ----A---- C:\Windows\system32\mstscax.dll
2013-09-07 11:11:05 ----A---- C:\Windows\system32\tsgqec.dll
2013-09-07 11:11:05 ----A---- C:\Windows\system32\aaclient.dll
2013-09-07 11:10:54 ----A---- C:\Windows\system32\tzres.dll
2013-09-07 11:10:50 ----A---- C:\Windows\system32\win32spl.dll
2013-09-07 11:10:49 ----A---- C:\Windows\system32\qedit.dll
2013-09-07 11:10:45 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-09-07 11:10:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-09-07 11:10:44 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-09-07 11:10:43 ----A---- C:\Windows\system32\smss.exe
2013-09-07 11:10:43 ----A---- C:\Windows\system32\ntdll.dll
2013-09-07 11:10:43 ----A---- C:\Windows\system32\csrsrv.dll
2013-09-07 11:10:37 ----A---- C:\Windows\system32\win32k.sys
2013-09-07 11:10:34 ----A---- C:\Windows\system32\wintrust.dll
2013-09-07 11:10:34 ----A---- C:\Windows\system32\cryptsvc.dll
2013-09-07 11:10:34 ----A---- C:\Windows\system32\cryptnet.dll
2013-09-07 11:10:34 ----A---- C:\Windows\system32\crypt32.dll
2013-09-07 11:10:27 ----A---- C:\Windows\system32\rpcrt4.dll
2013-09-07 11:10:27 ----A---- C:\Windows\system32\DWrite.dll
2013-09-07 11:10:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-09-07 11:10:24 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-09-07 11:10:24 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-09-07 11:10:23 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-09-07 11:04:55 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-09-07 11:03:24 ----A---- C:\Windows\system32\shell32.dll
2013-09-07 11:03:23 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-07 11:03:23 ----A---- C:\Windows\system32\consent.exe
2013-09-07 11:03:23 ----A---- C:\Windows\system32\authui.dll
2013-09-07 11:03:22 ----A---- C:\Windows\system32\appinfo.dll
2013-09-05 01:43:42 ----A---- C:\Windows\system32\drivers\avgrkx86.sys
2013-08-17 02:07:00 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-09-14 15:47:30 ----D---- C:\Windows\Prefetch
2013-09-14 15:47:18 ----RD---- C:\Program Files
2013-09-14 15:44:07 ----D---- C:\Windows\Temp
2013-09-14 15:44:05 ----D---- C:\Users\Terezka\AppData\Roaming\uTorrent
2013-09-14 14:41:38 ----D---- C:\Windows\system32\config
2013-09-14 14:28:58 ----D---- C:\ProgramData\MFAData
2013-09-14 14:21:19 ----D---- C:\Users\Terezka\AppData\Roaming\Betcat
2013-09-13 21:52:15 ----D---- C:\Users\Terezka\AppData\Roaming\vlc
2013-09-13 12:48:45 ----D---- C:\Windows\System32
2013-09-13 12:48:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-09-13 11:04:42 ----SHD---- C:\Windows\Installer
2013-09-13 11:03:13 ----D---- C:\Windows\system32\drivers
2013-09-13 11:03:12 ----D---- C:\Windows\inf
2013-09-12 11:27:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-12 08:18:18 ----D---- C:\Windows\system32\catroot2
2013-09-11 10:02:59 ----SHD---- C:\System Volume Information
2013-09-10 07:23:55 ----D---- C:\Windows
2013-09-09 13:17:31 ----D---- C:\Users\Terezka\AppData\Roaming\FileZilla
2013-09-09 12:36:01 ----D---- C:\Program Files\Steam
2013-09-09 12:35:59 ----D---- C:\Users\Terezka\AppData\Roaming\Skype
2013-09-09 12:35:24 ----D---- C:\Windows\Logs
2013-09-09 12:35:24 ----D---- C:\Windows\debug
2013-09-09 12:30:08 ----D---- C:\Windows\system32\Tasks
2013-09-09 12:29:56 ----D---- C:\Program Files\CCleaner
2013-09-07 19:07:00 ----D---- C:\Windows\Microsoft.NET
2013-09-07 19:06:59 ----RSD---- C:\Windows\assembly
2013-09-07 12:02:08 ----D---- C:\Windows\winsxs
2013-09-07 11:58:09 ----D---- C:\Windows\system32\migration
2013-09-07 11:58:09 ----D---- C:\Program Files\Internet Explorer
2013-09-07 11:58:08 ----D---- C:\Windows\system32\cs-CZ
2013-09-07 11:58:07 ----D---- C:\Program Files\Windows Journal
2013-09-07 11:58:06 ----D---- C:\Program Files\Windows Defender
2013-09-07 11:58:01 ----D---- C:\Windows\system32\DriverStore
2013-09-07 11:44:33 ----D---- C:\Windows\system32\catroot
2013-09-07 11:33:36 ----D---- C:\ProgramData\Microsoft Help
2013-08-18 15:09:39 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-07-20 60216]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-07-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-07-01 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-05 39224]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-10 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-07-20 208184]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22328]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-07-20 171320]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-03-21 182072]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 nm3;Microsoft Network Monitor 3 Driver; C:\Windows\system32\DRIVERS\nm3.sys [2010-06-09 39736]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2004-07-14 676864]
R2 Haspnt;Haspnt; \??\C:\Windows\system32\drivers\Haspnt.sys [2010-07-09 47616]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-11-08 2785568]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2006-11-01 76288]
S3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2009-09-02 2077696]
S3 a5glmtto;a5glmtto; C:\Windows\system32\drivers\a5glmtto.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2009-07-17 80384]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2007-10-25 5632]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TAP;TAP-Win32 Adapter; C:\Windows\system32\DRIVERS\tapdrvr.sys [2004-05-10 20992]
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-10-02 25984]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-12-14 41984]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
S3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 ChannelRg;ChannelRg; C:\Program Files\Common Files\GoldenSoft\ChannelRg.exe [2003-11-28 86016]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-11-12 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-03 173352]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-10-19 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-01 651720]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-07-13 411432]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1343400]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: please check my log

#2 Post by vyosek »

Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup is created, followed by the scan
  • The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears, or it is saved as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member (image) since 1 February 2011.

kocab22
Visitor
Posts: 37
Registered: 16 Apr 2005 00:26

Re: please check my log

#3 Post by kocab22 »

Thanks for the reply, here is the first log, from JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Professional x86
Ran by Terezka on so 14.09.2013 at 20:17:21,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\webcake desktop
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\menubuttonie.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\webcakeieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c4ed781c-7394-4906-aaff-d6ab64ff7c38}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034362.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322432262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355435562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366436662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344434462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034362.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355435562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366436662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344434462}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311431162}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D307F2F8-A90C-45B3-94BD-10F0F925A081}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\askbardis"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Terezka\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Terezka\AppData\Roaming\betcat"
Successfully deleted: [Folder] "C:\Users\Terezka\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Terezka\AppData\Roaming\webcake"
Successfully deleted: [Folder] "C:\Users\Terezka\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Terezka\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Terezka\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Terezka\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Terezka\appdata\locallow\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\utorrentbar"
Successfully deleted: [Folder] "C:\Program Files\webcake"
Successfully deleted: [Folder] "C:\Program Files\askbardis"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\mp3tube.xml"
Emptied folder: C:\Users\Terezka\AppData\Roaming\mozilla\firefox\profiles\n08rtaji.default-1374560494266\minidumps [27 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 14.09.2013 at 20:22:49,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

kocab22
Visitor
Posts: 37
Registered: 16 Apr 2005 00:26

Re: please check my log

#4 Post by kocab22 »

And here is the second scan :)

# AdwCleaner v3.003 - Report created 14/09/2013 at 20:27:23
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Terezka - CHANG
# Running from : C:\Users\Terezka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\HDvidCodec.com
Folder Deleted : C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{6AA54174-C9E8-4B07-95A0-0FBC19CBE64C}
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Users\Terezka\Desktop\HDVidCodec.lnk
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClickPotatoLiteSA_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A2FD88-04C2-4B58-9698-3F2D385FED39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A2FD88-04C2-4B58-9698-3F2D385FED39}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A2FD88-04C2-4B58-9698-3F2D385FED39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B94FA8F-4670-4C7C-8B00-D38595EA68BE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0FFF86BA-6E79-4FE3-ACD6-C3820AEA7175}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKLM\Software\AskBarDis
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Terezka\AppData\Roaming\Mozilla\Firefox\Profiles\n08rtaji.default-1374560494266\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [5530 octets] - [14/09/2013 20:25:28]
AdwCleaner[S0].txt - [5495 octets] - [14/09/2013 20:27:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5555 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: please check my log

#5 Post by vyosek »

:arrow: I recommend increasing the free space to at least 10GB, otherwise the system will choke
System drive C: has 5 GB (7%) free of 73 GB
:arrow: Please provide FRSTL http://forum.viry.cz/viewtopic.php?f=13&t=132519

kocab22
Visitor
Posts: 37
Registered: 16 Apr 2005 00:26

Re: please check my log

#6 Post by kocab22 »

I'll try to free up disk space; I have to tell my girlfriend to clean it out herself. She has a lot of work stuff on there, so I can't delete it myself. I tried to create a log with FRST, but without success. It shows a message that it cannot be used until it is downloaded from a certain link. I'm attaching a picture of the message. I didn't download anything from the link and am writing here instead, because the guide says that the license terms should appear and then I run the scan, which doesn't match what is happening on the PC. Thanks for further advice / next steps.
Attachments
farbar.jpg (104.22 KiB) Viewed 2095 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: please check my log

#7 Post by vyosek »

:arrow: Yes, there is a small bug there; we are sorting it out with the author of FRST

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the box for 64-bit OS is ticked; if not, tick it
  • Tick the box for all users
  • Tick the "LOP" check box
  • Tick the "Purity" check box
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box, Custom scans/fixes:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • After the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
  • If the logs are long (the forum will complain about exceeding the maximum number of characters), split them into several posts

kocab22
Visitor
Posts: 37
Registered: 16 Apr 2005 00:26

Re: please check my log

#8 Post by kocab22 »

So we have already freed up some space on the disk, so the system has more room to "breathe" :)
Here are the logs from OTL

OTL logfile created on: 15.9.2013 20:34:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Terezka\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 43,88% Memory free
3,98 Gb Paging File | 2,54 Gb Available in Paging File | 63,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 71,43 Gb Total Space | 16,42 Gb Free Space | 22,98% Space Free | Partition Type: NTFS
Drive D: | 7,31 Gb Total Space | 0,81 Gb Free Space | 11,11% Space Free | Partition Type: FAT32

Computer Name: CHANG | User Name: Terezka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.09.15 20:31:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Terezka\Desktop\OTL.exe
PRC - [2013.09.11 09:47:24 | 001,862,024 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
PRC - [2013.08.17 02:07:16 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.08.15 11:53:50 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013.07.23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013.07.10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013.07.04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013.07.04 15:53:26 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013.07.04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.30 23:27:10 | 000,107,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
PRC - [2010.12.03 17:47:58 | 000,141,368 | ---- | M] (Software602) -- C:\Program Files\Software602\Print2PDF\Print2PDF.exe
PRC - [2010.09.03 15:07:46 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2009.11.12 14:48:56 | 000,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2009.09.22 12:50:36 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2009.04.02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2003.11.28 16:11:16 | 000,086,016 | ---- | M] () -- C:\Program Files\Common Files\GoldenSoft\ChannelRg.exe


========== Modules (No Company Name) ==========

MOD - [2013.09.11 09:47:23 | 016,177,544 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_168.dll
MOD - [2013.08.17 02:07:15 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011.01.30 23:27:22 | 001,712,128 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2011.01.30 23:27:22 | 001,199,104 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2011.01.30 23:27:22 | 001,137,664 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libxml_plugin.dll
MOD - [2011.01.30 23:27:22 | 000,368,640 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2011.01.30 23:27:22 | 000,078,848 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2011.01.30 23:27:22 | 000,046,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2011.01.30 23:27:22 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll
MOD - [2011.01.30 23:27:22 | 000,032,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libtrivial_channel_mixer_plugin.dll
MOD - [2011.01.30 23:27:22 | 000,031,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2011.01.30 23:27:20 | 011,051,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2011.01.30 23:27:20 | 002,170,368 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2011.01.30 23:27:20 | 001,025,536 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,130,048 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libspudec_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,034,304 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,032,768 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\librawvideo_plugin.dll
MOD - [2011.01.30 23:27:20 | 000,031,232 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,237,568 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,108,032 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libplaylist_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,081,408 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,053,760 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,047,616 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,042,496 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,040,448 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,039,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,039,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_flac_plugin.dll
MOD - [2011.01.30 23:27:18 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll
MOD - [2011.01.30 23:27:16 | 001,747,968 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,337,408 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblua_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,194,048 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,128,000 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,046,592 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,038,912 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmono_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,037,888 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,035,840 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2011.01.30 23:27:16 | 000,033,792 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,309,760 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,265,216 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,231,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,210,944 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,178,176 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,067,072 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdirectx_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,047,104 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libbandlimited_resampler_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,041,984 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libflacsys_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,041,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libes_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,039,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfilesystem_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,039,424 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,037,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,036,864 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libcvdsub_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,034,304 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,032,768 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,032,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,032,256 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2011.01.30 23:27:14 | 000,031,744 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2011.01.30 23:27:12 | 000,090,112 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2011.01.30 23:27:10 | 002,264,064 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlccore.dll
MOD - [2011.01.30 23:27:10 | 000,107,008 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\vlc.exe
MOD - [2011.01.30 23:27:10 | 000,101,376 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\libvlc.dll
MOD - [2011.01.30 23:27:10 | 000,090,112 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,072,192 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libasf_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,065,536 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,047,104 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,045,568 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,041,472 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaudio_format_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,033,280 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2011.01.30 23:27:10 | 000,030,720 | ---- | M] () -- C:\Program Files\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2010.12.02 02:13:18 | 000,214,528 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\Software602.dll
MOD - [2009.03.11 14:41:42 | 000,049,152 | ---- | M] () -- C:\Program Files\OxelonMedia\menuext.dll
MOD - [2008.03.30 16:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll


========== Services (SafeList) ==========

SRV - [2013.09.13 12:48:42 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.08.17 02:07:16 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013.07.04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.07.13 18:24:29 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.09.03 15:07:46 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.08.01 17:00:04 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.22 23:36:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2009.11.12 14:48:56 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2003.11.28 16:11:16 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\GoldenSoft\ChannelRg.exe -- (ChannelRg)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (av9cberm)
DRV - [2013.09.10 01:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.09.05 01:43:42 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.07.20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.07.20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.07.20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.07.20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013.07.01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013.03.21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.09 13:35:16 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\Haspnt.sys -- (Haspnt)
DRV - [2010.06.09 17:05:38 | 000,039,736 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\nm3.sys -- (nm3)
DRV - [2010.04.03 22:55:32 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.11.10 15:48:09 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009.10.02 00:18:44 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.09.23 03:18:08 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2009.09.23 03:18:07 | 000,165,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2009.09.02 12:21:34 | 002,077,696 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2009.08.04 10:28:18 | 000,011,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)
DRV - [2009.07.17 17:53:38 | 000,080,384 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.07.16 11:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2009.07.06 10:48:02 | 000,011,448 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009.04.28 11:08:40 | 000,461,824 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2007.10.25 18:26:10 | 000,005,632 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006.11.01 17:56:16 | 000,076,288 | ---- | M] (Rainbow Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\SENTINEL.SYS -- (Sentinel)
DRV - [2006.10.01 14:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
DRV - [2004.07.14 12:54:42 | 000,676,864 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (Hardlock)
DRV - [2004.05.10 06:32:53 | 000,020,992 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tapdrvr.sys -- (TAP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN ... earchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA AC 81 29 B2 85 CA 01 [binary data]
IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\SearchScopes\{30104308-0EAA-4065-851B-6F5F2B49A7F2}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Terezka\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Terezka\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.01.19 09:46:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.01.19 09:46:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.09.12 14:49:18 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.09.12 14:49:18 | 000,000,000 | ---D | M]

[2009.11.11 22:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Terezka\AppData\Roaming\Mozilla\Extensions
[2013.09.14 20:27:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.08.17 02:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.08.17 02:07:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.11.09 13:26:59 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

========== Chrome ==========

CHR - default_search_provider: Centrum.cz (Enabled)
CHR - default_search_provider: search_url = http://search.centrum.cz/index.php?char ... earchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - Extension: YouTube = C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: HDvid Codec 3 = C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnllcmllkjofnojidnaknldfehfhehoo\3.0_0\
CHR - Extension: DivX HiQ = C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
CHR - Extension: Gmail = C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2010.02.09 15:48:23 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 192.168.100.4 autodiscover.renomix.local
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKU\S-1-5-21-592630318-3070953743-1396752941-1003..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..Trusted Domains: mojebanka.cz ([*] https in Důvěryhodné servery)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.3.cab (DLM Control)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.9.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BD37D4C-EFFA-4003-9F19-2B0D544A5B77}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.04.14 22:54:30 | 000,000,166 | ---- | M] () - D:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2006.06.29 02:27:36 | 000,000,045 | ---- | M] () - D:\autorun (2).inf -- [ FAT32 ]
O33 - MountPoints2\{e316c6ab-cdff-11de-9969-0013d482c30c}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\System32\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: SENTINEL - C:\Windows\System32\SNTI386.DLL (Rainbow Technologies, Inc.)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.tscc - C:\Windows\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.09.15 20:31:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Terezka\Desktop\OTL.exe
[2013.09.15 18:20:33 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2013.09.15 18:20:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
[2013.09.15 18:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinDirStat
[2013.09.15 15:59:18 | 001,084,047 | ---- | C] (Farbar) -- C:\Users\Terezka\Desktop\FRST.exe
[2013.09.15 15:59:17 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Local\qb0E48F1.BE
[2013.09.15 15:57:49 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Local\qb0CF315.70
[2013.09.15 15:56:48 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Local\qb0C04FF.D4
[2013.09.15 15:55:22 | 000,365,056 | ---- | C] (forum.viry.cz) -- C:\Users\Terezka\Desktop\FRSTLauncher.exe
[2013.09.14 20:17:13 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.09.14 20:16:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.14 20:14:35 | 001,029,509 | ---- | C] (Thisisu) -- C:\Users\Terezka\Desktop\JRT.exe
[2013.09.14 15:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.14 15:47:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.13 11:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.09.10 01:34:48 | 000,022,328 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2013.09.09 12:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

========== Files - Modified Within 7 Days ==========

[2013.09.15 20:37:32 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.15 20:31:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Terezka\Desktop\OTL.exe
[2013.09.15 20:30:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003UA.job
[2013.09.15 20:01:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.15 19:47:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.09.15 18:48:56 | 000,020,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.15 18:48:56 | 000,020,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.15 18:20:34 | 000,000,989 | ---- | M] () -- C:\Users\Terezka\Desktop\WinDirStat.lnk
[2013.09.15 17:24:01 | 000,001,204 | ---- | M] () -- C:\Windows\tasks\HDvid Codec V1-updater.job
[2013.09.15 17:23:00 | 000,001,198 | ---- | M] () -- C:\Windows\tasks\HDvid Codec V1-codedownloader.job
[2013.09.15 17:23:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\HDvid Codec V1-enabler.job
[2013.09.15 16:08:39 | 000,106,718 | ---- | M] () -- C:\Users\Terezka\Desktop\farbar.jpg
[2013.09.15 15:55:23 | 000,365,056 | ---- | M] (forum.viry.cz) -- C:\Users\Terezka\Desktop\FRSTLauncher.exe
[2013.09.15 15:44:36 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.15 15:44:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.15 15:44:19 | 1603,674,112 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.15 04:15:52 | 001,084,047 | ---- | M] (Farbar) -- C:\Users\Terezka\Desktop\FRST.exe
[2013.09.14 21:15:52 | 000,634,530 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.09.14 21:15:52 | 000,618,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.09.14 21:15:52 | 000,123,120 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.09.14 21:15:52 | 000,107,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.09.14 20:15:05 | 001,029,509 | ---- | M] (Thisisu) -- C:\Users\Terezka\Desktop\JRT.exe
[2013.09.14 20:14:41 | 001,037,278 | ---- | M] () -- C:\Users\Terezka\Desktop\adwcleaner.exe
[2013.09.14 15:30:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003Core.job
[2013.09.13 12:48:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.09.13 12:48:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.09.13 11:03:19 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013.09.10 01:34:48 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgidsshimx.sys
[2013.09.09 12:29:58 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

========== Files Created - No Company Name ==========

[2013.09.15 20:37:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.15 18:20:34 | 000,000,989 | ---- | C] () -- C:\Users\Terezka\Desktop\WinDirStat.lnk
[2013.09.15 16:00:44 | 000,106,718 | ---- | C] () -- C:\Users\Terezka\Desktop\farbar.jpg
[2013.09.14 20:14:40 | 001,037,278 | ---- | C] () -- C:\Users\Terezka\Desktop\adwcleaner.exe
[2012.10.17 11:13:40 | 000,004,620 | ---- | C] () -- C:\Users\Terezka\VÝTISKOVÁ_TEREZA.p12
[2012.09.08 13:17:34 | 000,004,627 | ---- | C] () -- C:\Users\Terezka\HÁJKOVÁ_IVANA_certifikatKB.p12
[2012.06.01 13:11:33 | 000,017,408 | ---- | C] () -- C:\Users\Terezka\AppData\Local\WebpageIcons.db
[2012.02.22 19:36:47 | 000,000,850 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2012.01.09 22:56:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\d31389f8b2c30777b242da7ff1af2369_c
[2009.11.09 13:05:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.11.08 17:57:24 | 000,000,374 | RHS- | C] () -- C:\ProgramData\ntuser.pol

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.01.31 10:33:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 10:33:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.05.02 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\AVG
[2013.06.03 13:12:06 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\AVG2013
[2011.04.25 01:05:40 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\BlackBean
[2013.04.07 19:45:34 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\BSplayer
[2013.03.30 21:47:08 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\BSplayer Pro
[2013.09.09 13:17:31 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\FileZilla
[2011.01.03 10:32:26 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Foxit Software
[2012.10.03 13:45:20 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\GHISLER
[2013.01.05 10:24:08 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\ICQ
[2012.01.13 13:52:35 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Microgaming
[2010.10.17 19:48:23 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Miranda
[2011.02.03 13:07:25 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\MyHeritage
[2011.03.08 17:20:39 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\PC Suite
[2011.03.08 17:15:17 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Samsung
[2011.12.02 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Software602
[2012.04.16 19:38:04 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Spark
[2011.07.14 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Sports Interactive
[2012.03.25 10:28:17 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\TeamViewer
[2013.06.03 13:04:46 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\TuneUp Software
[2013.09.14 20:16:07 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\uTorrent
[2012.04.30 19:51:43 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\WinZip

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,032,566 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.06.05 11:38:55 | 000,000,934 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.06.05 11:38:56 | 000,000,938 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.07 10:36:46 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.05.02 16:43:28 | 000,000,918 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003Core.job
[2012.05.02 16:43:31 | 000,000,970 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003UA.job
[2013.01.30 17:40:48 | 000,000,298 | ---- | C] () -- C:\Windows\Tasks\ROC_REG_JAN_DELETE.job
[2013.07.07 17:22:40 | 000,001,198 | ---- | C] () -- C:\Windows\Tasks\HDvid Codec V1-codedownloader.job
[2013.07.07 17:23:51 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\HDvid Codec V1-enabler.job
[2013.07.07 17:24:08 | 000,001,204 | ---- | C] () -- C:\Windows\Tasks\HDvid Codec V1-updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 18:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 19:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\System32\drivers\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012.03.30 12:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 17:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010.04.09 09:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 09:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 19:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.03.30 12:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[20 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\34040f093a63a8239849e531dfa4b587\*.tmp files -> C:\Windows\SoftwareDistribution\Download\34040f093a63a8239849e531dfa4b587\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\93b2a162e8b3bb5436cc44c65b27f920\*.tmp files -> C:\Windows\SoftwareDistribution\Download\93b2a162e8b3bb5436cc44c65b27f920\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\e0c387a3532f011996787d0ee3c3e144\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e0c387a3532f011996787d0ee3c3e144\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\fc25d434859e8e4877046ce7775be24f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fc25d434859e8e4877046ce7775be24f\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2010.03.22 09:42:35 | 004,619,695 | ---- | M] (Canneverbe Limited ) -- C:\cdbxp_setup_4.3.0.1991.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.07.12 10:09:48 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Adobe
[2011.07.13 18:48:39 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Apple Computer
[2012.02.24 23:08:46 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\ArcSoft
[2012.05.02 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\AVG
[2013.06.03 13:12:06 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\AVG2013
[2011.04.25 01:05:40 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\BlackBean
[2013.04.07 19:45:34 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\BSplayer
[2013.03.30 21:47:08 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\BSplayer Pro
[2011.01.29 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\DivX
[2010.06.21 21:31:23 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\dvdcss
[2013.09.09 13:17:31 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\FileZilla
[2011.01.03 10:32:26 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Foxit Software
[2012.10.03 13:45:20 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\GHISLER
[2013.01.05 10:24:08 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\ICQ
[2009.11.11 18:26:21 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Identities
[2012.02.22 19:36:12 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\InstallShield
[2009.11.11 18:26:50 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Macromedia
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Media Center Programs
[2012.01.13 13:52:35 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Microgaming
[2012.10.03 13:34:12 | 000,000,000 | --SD | M] -- C:\Users\Terezka\AppData\Roaming\Microsoft
[2010.10.17 19:48:23 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Miranda
[2009.11.11 22:24:05 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Mozilla
[2011.02.03 13:07:25 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\MyHeritage
[2011.03.08 17:20:39 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\PC Suite
[2011.03.08 17:15:17 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Samsung
[2013.09.09 12:35:59 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Skype
[2011.05.28 10:47:06 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\skypePM
[2011.12.02 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Software602
[2012.04.16 19:38:04 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Spark
[2011.07.14 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\Sports Interactive
[2012.03.25 10:28:17 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\TeamViewer
[2013.06.03 13:04:46 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\TuneUp Software
[2012.10.31 14:05:46 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\U3
[2013.09.14 20:16:07 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\uTorrent
[2013.09.15 18:27:14 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\vlc
[2012.08.22 09:28:14 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\VMware
[2012.04.30 19:51:43 | 000,000,000 | ---D | M] -- C:\Users\Terezka\AppData\Roaming\WinZip

< %APPDATA%\*.exe /s >
[2011.03.08 17:18:26 | 000,847,872 | ---- | M] (Samsung Electronics Co., Ltd. ) -- C:\Users\Terezka\AppData\Roaming\Samsung\New PC Studio\LiveUpdate\Setup_For_Full_Update_IH2_7.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Users\Terezka\AppData\Roaming\U3\temp\cleanup.exe
[2007.10.23 10:22:56 | 003,350,528 | -H-- | M] (SanDisk Corporation) -- C:\Users\Terezka\AppData\Roaming\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.09.15 20:47:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.09.15 15:44:36 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.09.15 21:01:02 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.09.14 15:30:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003Core.job
[2013.09.15 20:30:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003UA.job
[2013.09.15 17:23:00 | 000,001,198 | ---- | M] () -- C:\Windows\Tasks\HDvid Codec V1-codedownloader.job
[2013.09.15 17:23:00 | 000,001,108 | ---- | M] () -- C:\Windows\Tasks\HDvid Codec V1-enabler.job
[2013.09.15 17:24:01 | 000,001,204 | ---- | M] () -- C:\Windows\Tasks\HDvid Codec V1-updater.job
[2013.01.31 10:20:57 | 000,000,298 | ---- | M] () -- C:\Windows\Tasks\ROC_REG_JAN_DELETE.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.11.10 15:48:09 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.09.15 18:48:56 | 000,020,528 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.15 18:48:56 | 000,020,528 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.13 12:48:33 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.09.13 12:48:33 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013.09.14 21:15:52 | 000,123,120 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.09.14 21:15:52 | 000,107,256 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.09.14 21:15:52 | 000,634,530 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.09.14 21:15:52 | 000,618,936 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.09.14 21:15:52 | 001,478,822 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >
[2010.03.22 09:42:35 | 004,619,695 | ---- | M] (Canneverbe Limited ) -- C:\cdbxp_setup_4.3.0.1991.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"AutoStartNPSAgent" = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe -- [2009.04.02 19:05:22 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.)
"Google Update" = "C:\Users\Terezka\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.05.02 16:43:06 | 000,116,648 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.08.17 02:07:16 | 000,276,376 | ---- | M] (Mozilla Corporation) MD5=B4CF3FB7E9B8EA69757541DCE6CA20ED -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.07.25 04:42:37 | 000,757,400 | ---- | M] (Microsoft Corporation) MD5=57EC630DBD5F0713E77CB3540AB80A8E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.15 20:37:32 | 000,000,512 | ---- | M] () MD5=BE0C31B204397479F51A10340A134021 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.10.04 22:50:56 | 000,062,238 | ---- | M] () -- \Program Files\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat

< *keygen* /s >
[2010.04.06 17:54:24 | 000,000,837 | R--- | M] () -- \ProgramData\Microsoft\Network Monitor 3\NPL\NetworkMonitor Parsers\Common\keygen.npl
[2010.04.06 17:54:26 | 000,000,180 | R--- | M] () -- \ProgramData\Microsoft\Network Monitor 3\NPL\NetworkMonitor Parsers\Common\Stubs\keygen.npl
[2010.04.06 17:54:24 | 000,000,837 | R--- | M] () -- \Users\All Users\Microsoft\Network Monitor 3\NPL\NetworkMonitor Parsers\Common\keygen.npl
[2010.04.06 17:54:26 | 000,000,180 | R--- | M] () -- \Users\All Users\Microsoft\Network Monitor 3\NPL\NetworkMonitor Parsers\Common\Stubs\keygen.npl

kocab22
Visitor
Posts: 37
Registered: 16 Apr 2005 00:26

Re: please check my log

#9 Post by kocab22 »

< *loader* /s >
[2005.03.24 13:51:08 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2010.03.18 09:41:08 | 000,019,357 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\bin\_cploader.log
[2009.04.15 14:28:22 | 000,003,274 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_de_DE.properties
[2009.04.15 14:28:24 | 000,003,146 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_en_US.properties
[2009.04.15 14:28:22 | 000,003,274 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_es_ES.properties
[2009.04.15 14:28:22 | 000,003,274 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_fr_FR.properties
[2009.04.15 14:28:22 | 000,003,273 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_it_IT.properties
[2009.04.15 14:28:22 | 000,003,273 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_ja_JP.properties
[2009.04.15 14:28:22 | 000,003,273 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\classes\CP_System_Loader_zh_CN.properties
[2009.04.15 14:27:06 | 000,006,950 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\lib\cpfdmloader.jar
[2009.04.15 14:27:06 | 000,053,792 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\lib\cpfeatureloader.jar
[2009.04.15 14:27:06 | 000,006,748 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\lib\cpfrwkloader.jar
[2009.04.15 14:27:04 | 000,017,717 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\lib\cpmenuloader.jar
[2009.04.15 14:27:06 | 000,007,153 | ---- | M] () -- \Program Files\Cisco Systems\CiscoCP\webapps\ROOT\WEB-INF\lib\cpnedmloader.jar
[2005.03.16 19:16:50 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.02.07 22:40:00 | 000,000,543 | ---- | M] () -- \Program Files\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009.12.15 18:58:18 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009.12.15 18:58:20 | 000,018,592 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009.12.15 18:58:24 | 000,026,272 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009.12.15 18:58:26 | 000,012,960 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009.12.15 18:58:28 | 000,017,568 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009.12.15 18:58:56 | 000,019,616 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009.12.15 18:59:04 | 000,015,008 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009.12.15 18:59:06 | 000,019,104 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009.12.15 18:59:10 | 000,017,056 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009.12.15 18:59:14 | 000,012,448 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009.12.15 18:59:16 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009.12.15 18:59:20 | 000,016,544 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009.12.15 18:59:22 | 000,011,936 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009.12.15 18:59:24 | 000,013,984 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009.12.15 18:59:28 | 000,028,320 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009.05.01 20:42:00 | 000,009,880 | ---- | M] () -- \Program Files\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2013.07.07 17:22:27 | 000,476,672 | ---- | M] () -- \Program Files\HDvid Codec V1\HDvid Codec V1-codedownloader.exe
[2011.03.27 13:54:22 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.03.27 13:54:22 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\loader.swf
[2011.03.27 13:54:23 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.03.27 13:54:22 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.2\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.03.27 13:57:29 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\icq_profile\preloader.html
[2011.03.27 13:57:30 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_forms\preloader.html
[2011.03.27 13:57:30 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.2\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.03.31 10:23:58 | 000,289,280 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSAndroidDownloader.dll
[2009.03.12 10:31:22 | 000,285,184 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\NPSLinuxMitsDownloader.dll
[2009.03.31 10:39:20 | 000,208,896 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\Symbian_Downloader_DLL.dll
[2009.04.02 19:03:40 | 000,258,048 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader.dll
[2008.11.25 17:52:24 | 000,266,240 | ---- | M] () -- \Program Files\Samsung\Samsung New PC Studio\ModelExtension\NPSBinaryLoader2.dll
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.01.22 18:35:56 | 000,158,954 | ---- | M] () -- \Users\Terezka\Documents\Angličtina - výuka\Cvičení - articles_soubory\cssloader-335fd39d0bbc.css
[2013.01.22 18:35:56 | 000,179,954 | ---- | M] () -- \Users\Terezka\Documents\Angličtina - výuka\Cvičení - articles_soubory\jsloader-9205397f528c.js
[2011.09.26 21:12:37 | 000,997,376 | ---- | M] () -- \Users\Terezka\Downloads\SRDownloader.exe
[2009.11.08 15:04:20 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.09.15 17:23:00 | 000,012,408 | ---- | M] () -- \Windows\Prefetch\HDVID CODEC V1-CODEDOWNLOADER-8E6722E1.pf
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.07.07 17:23:28 | 000,004,228 | ---- | M] () -- \Windows\System32\Tasks\HDvid Codec V1-codedownloader
[2013.09.15 15:55:04 | 000,003,528 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Uploader
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2013.09.15 17:23:00 | 000,001,198 | ---- | M] () -- \Windows\Tasks\HDvid Codec V1-codedownloader.job
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.05.16 09:03:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.05.16 09:03:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.05.16 09:03:03 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.12.20 01:00:00 | 000,068,608 | ---- | M] () -- \xampp\MercuryMail\loader.exe
[2009.12.20 01:00:00 | 000,014,987 | ---- | M] () -- \xampp\perl\lib\AutoLoader.pm
[2009.12.20 01:00:00 | 000,025,806 | ---- | M] () -- \xampp\perl\lib\DynaLoader.pm
[2009.12.20 01:00:00 | 000,017,341 | ---- | M] () -- \xampp\perl\lib\SelfLoader.pm
[2009.12.20 01:00:00 | 000,010,882 | ---- | M] () -- \xampp\perl\lib\XSLoader.pm
[2009.12.20 01:00:00 | 000,001,329 | ---- | M] () -- \xampp\perl\lib\Locale\Maketext\GutsLoader.pm
[2009.12.20 01:00:00 | 000,001,027 | ---- | M] () -- \xampp\perl\site\lib\Apache2\XSLoader.pm
[2009.12.20 01:00:00 | 000,001,031 | ---- | M] () -- \xampp\perl\site\lib\APR\XSLoader.pm
[2009.12.20 01:00:00 | 000,010,700 | ---- | M] () -- \xampp\perl\site\lib\ModPerl\RegistryLoader.pm
[2009.12.20 01:00:00 | 000,006,565 | ---- | M] () -- \xampp\php\PEAR\PEAR\Autoloader.php
[2009.12.20 01:00:00 | 000,066,314 | ---- | M] () -- \xampp\php\PEAR\PEAR\Downloader.php
[2009.12.20 01:00:00 | 000,009,232 | ---- | M] () -- \xampp\php\PEAR\Zend\Loader.php
[2009.12.20 01:00:00 | 000,007,587 | ---- | M] () -- \xampp\php\PEAR\Zend\Amf\Parse\TypeLoader.php
[2009.12.20 01:00:00 | 000,002,786 | ---- | M] () -- \xampp\php\PEAR\Zend\Application\Module\Autoloader.php
[2009.12.20 01:00:00 | 000,016,699 | ---- | M] () -- \xampp\php\PEAR\Zend\Loader\Autoloader.php
[2009.12.20 01:00:00 | 000,014,838 | ---- | M] () -- \xampp\php\PEAR\Zend\Loader\PluginLoader.php
[2009.12.20 01:00:00 | 000,010,500 | ---- | M] () -- \xampp\php\PEAR\Zend\Search\Lucene\Index\DictionaryLoader.php
[2009.12.20 01:00:00 | 000,004,643 | ---- | M] () -- \xampp\php\PEAR\Zend\Tool\Framework\Loader\IncludePathLoader.php

========== Alternate Data Streams ==========

@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

kocab22
Visitor
Posts: 37
Registered: 16 Apr 2005 00:26

Re: please check my log

#10 Post by kocab22 »

OTL Extras logfile created on: 15.9.2013 20:34:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Terezka\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,87 Gb Available Physical Memory | 43,88% Memory free
3,98 Gb Paging File | 2,54 Gb Available in Paging File | 63,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 71,43 Gb Total Space | 16,42 Gb Free Space | 22,98% Space Free | Partition Type: NTFS
Drive D: | 7,31 Gb Total Space | 0,81 Gb Free Space | 11,11% Space Free | Partition Type: FAT32

Computer Name: CHANG | User Name: Terezka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.scr [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02CE11E9-4187-49EC-97AA-D0722C7F04B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{052BECE4-E98D-4DAE-ABD1-A8AF71216917}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{19EE3CEE-1661-465A-88AC-D8423E3DB44E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A225FC9-F5DD-4A4A-B3B9-1E8F984594D9}" = lport=3390 | protocol=6 | dir=in | app=system |
"{256E5BB6-CD4E-44FA-8877-8C1435CCFF0A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{388F918D-6950-4A4F-9B81-E340806E8E72}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{393E2269-AF75-4751-8CA8-D7FEF84286B5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3EAC48B2-4DE5-4EC8-9ADD-15A2FD1D0746}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41687FF6-3949-49BB-AA5A-8FA4DCCBFC70}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{425EEFEB-584A-4F04-A798-CB2671003673}" = rport=138 | protocol=17 | dir=out | app=system |
"{4300725F-2BD1-4EE1-A8E0-BC2028D31420}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4650A506-D75B-4973-8A35-C76A105CFD64}" = rport=445 | protocol=6 | dir=out | app=system |
"{4B16AC57-4218-4AD2-BA4F-872908175FB0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4D48E6FB-FF8A-4EE5-910C-02CF77E8B588}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F50952D-03F7-4ED6-9F37-95C1C5519E04}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5FADCA99-92C4-4DB7-BA70-F5618B0D03A8}" = lport=10244 | protocol=6 | dir=in | app=system |
"{6D726AD9-A114-4F9A-A6BA-33C46141A0FD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{70C6E1C8-2F2A-454F-BCAD-A0BD702C656F}" = lport=445 | protocol=6 | dir=in | app=system |
"{72BCC2C8-E616-40D3-8F2E-17558C33A8CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CFACEDE-BFB8-4898-B265-ADE456C33177}" = lport=139 | protocol=6 | dir=in | app=system |
"{7F0F0CA5-676C-4506-BFE7-FE39FA01EDAA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86352D9E-3097-4620-B33F-6D7CFD1A7F9A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9008B3BC-6585-4E5E-B900-C5B7D0C345E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{90D2EF7A-DB1C-4970-A0CC-EC3B6DEEC603}" = rport=139 | protocol=6 | dir=out | app=system |
"{916CC65F-AE33-41F9-BE5D-697CE48ED999}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{937D3889-82EB-46D1-97BB-10E725FAE14F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93BBFDDD-D3E4-4437-B36F-1F341421E96F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{96E0C276-5F45-4F58-A555-FC4BF1BCDC2E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99FA5D01-5FA1-497A-AF23-EC34F7ED1C74}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9B47E099-ACA5-4377-AE58-937A4AED6859}" = rport=137 | protocol=17 | dir=out | app=system |
"{9D6D919F-34A8-4C29-B05B-A5FE6BFCE272}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A87E438E-91B1-4B12-B900-611EDFC03FA0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B791EF1C-754E-4C1F-92A3-10E3998D7376}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{C0F5CEF7-8B3F-4D2C-A6DC-1EF3F09F978D}" = lport=10244 | protocol=6 | dir=in | app=system |
"{C5700104-6C03-421F-8198-53CD2662B1AE}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{C6C48893-EA53-4A1D-A7A5-357C6C959807}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C7B453E8-9E1A-441D-A899-35725D59A52A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7F8F3EB-194E-4DBA-B497-9E3E368C38F2}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D0813C6F-8EA3-4825-9AAC-916894F156D7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D48C62D5-D938-45D1-9138-A44B73B743BA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D57A5E66-83BF-410A-BC4E-2B9A0770039B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF68F17F-9C7B-4EAE-86C3-FC0C984363FA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E50DDEFD-A72A-4882-9B23-A9919C3FEF63}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{E6409C3E-40D7-4A56-8328-7EFEDADF7920}" = lport=3390 | protocol=6 | dir=in | app=system |
"{E828BE1E-3A90-4A78-ADAD-3F009DE5D6FC}" = lport=138 | protocol=17 | dir=in | app=system |
"{EB3F30A4-5427-4B57-984B-F4681FB96D47}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF9EB7D1-A533-41DE-BC9D-E55C23516862}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC850280-FCB4-4883-8F67-4646446FAE54}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02916923-5C9C-46BC-8D6B-AB780DDF03FE}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{0A52F0BA-257A-428B-A649-D926AE35FC3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0AA2768F-6879-4FA0-BF33-6DA0FF67678B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0C35F2DA-043E-4A32-B983-E4B5FFCD726D}" = protocol=17 | dir=in | app=c:\program files\cisco packet tracer 5.3\bin\packettracer5.exe |
"{0C5704C0-D650-4D0C-A11B-BBBD2839223E}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0DA6CB76-5D9C-4A98-B49D-BB88C1A52F4D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{1575F354-7541-41DA-BC0C-CB4AA6E316BD}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{1577BC4B-FF8D-4CF0-B93A-A8086E09F613}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17B8394E-531F-453D-B866-1384F1668FE5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{19C4A309-13A4-4444-B0F5-10818E9C89F2}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{1BA48DA5-41A0-45E1-BA22-D6B3B21018DF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{20C5577A-B451-4E07-AFAE-167581032C9B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{23D5C56F-A2DF-46B5-9817-0C59B9FFF5BF}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{260FEBB5-E852-47FD-A001-1D431FF2D47F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{29E3F74E-1735-4E56-A8D8-738F12763294}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{2B39A616-D529-4A58-A4C6-20A7C3139465}" = protocol=17 | dir=in | app=c:\program files\common files\soft602\langserv.exe |
"{2E9838F0-BB6C-4F53-B929-996119ABB84B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{301F9496-EB06-40D6-BC43-2CC9268D9AC6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{360AE3DA-72BD-44D6-BE99-63C7F794A52A}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{36B531C5-42F2-4243-9173-9C6A214C7292}" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{3840033B-62BC-43D5-9266-2A37668D9E1B}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{3970436C-400D-406B-850E-FA1B67DCA053}" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"{3D0770CA-1DD3-4DEE-9A98-5B87E4BFB668}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{3D3A5162-ABFC-4036-A362-3CC804001F56}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{4194BFE0-94AD-43E0-886A-94B7229FF413}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{4EA6525D-348E-4DD8-BAC4-137B1190A85C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{54F4AA60-3710-446A-BB53-3BC226F2BF85}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{5697818C-04AF-488F-8ECE-48E35C0DDDBF}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{56B37AB3-A4D1-431A-BBF8-4A2277BF7212}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{576B0EFD-CA63-489A-8577-FDC8F3EABFAE}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{57A6E26E-1C94-4551-9B44-BFF5A0EACC8D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{5EEAEF95-0A39-4790-945E-0295316447AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5F5C8B68-8E1B-47BD-A6AD-2F30E1E737C7}" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"{5FB39605-75CE-4E7C-AD8E-13A32B1F5169}" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{64280D63-9118-43C5-AEAE-F1C089A3CE5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{663F364F-C14F-4BE4-B1FA-3D75B7C92260}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{69302F25-DB5E-44C9-8430-74BFBC2C3FCA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\magic the gathering - duels of the planeswalkers\dotp.exe |
"{714A1412-8FAE-4136-97AA-6218E956F5EE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{74A2A846-AF48-4704-A25C-BA5277D256D1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{7A987AED-43F9-48D2-AA90-7A42971ADD86}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7B1D29DE-88D7-45D6-91CB-4DD4532BEEBD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7D6D0EC2-A7A9-4F0A-9E77-19CDDBBAA2CB}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{7EA5A1F0-DF8C-4E07-983D-0A11CE4EC834}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7F40791C-0B2A-4499-B580-4CB7CF860C10}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{80FAC4A7-BE16-4AD7-AF3E-9EA846756FDF}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{820C20F2-6BBB-4E6A-99EF-1EC5ED8F5595}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{8300745F-15A6-44FA-BB0C-7B175E229554}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8341D965-082E-49A1-A554-BB00D548436C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{835E4DAE-EC44-4A71-A4D1-250F6CC11E01}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{8DC65380-C4A7-44D8-8359-D520E1EA8DE3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{8F929332-03CF-4111-80AD-6FFEC86AC7EB}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{9060B8B4-0C52-4D14-AF67-53F3DE93F5D5}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe |
"{975959E9-3F39-4DB1-8CC3-9E238D33B352}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{98B7E694-A288-4ADC-A31F-6564CC8DF266}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{9B2C6F79-F268-44A7-B145-D2841591CEC3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{9F1BAA16-CA7C-4569-88A4-715188691314}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{A15FC9CE-674C-49EA-9BB2-469864B8F9CB}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A24BFF98-83C0-45DF-8D72-AA4D9280C79E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{A6DB6BCF-72C1-46EB-B777-959A04A30DE3}" = protocol=6 | dir=in | app=c:\program files\spark\spark.exe |
"{A87EAE94-5DD0-415C-B276-873D20D87CF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AA8F4D09-A260-44CD-BCD5-1638133F2A6B}" = protocol=17 | dir=in | app=c:\program files\spark\spark.exe |
"{AB032DAC-B94E-47F3-8EE3-2CD7E49E2D3B}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{AFFF7B12-21EC-4269-9B2C-37A8834819A7}" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"{B02397BD-6BB9-4D01-B244-248F41178FCD}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{B1058385-33C2-4E7C-B459-1508E79D55B6}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{B6A1929F-2159-45F9-A44F-45A8E16C318C}" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"{C73FA741-F305-4CAD-B1FC-896FA794BD60}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{CF5586FC-648B-4062-853E-E6D95425DF82}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{CFE8F9DF-3CCD-4230-AFCA-8AE71346AD42}" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"{D044B4A7-48E5-4513-A345-9F0471BD71E8}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{D350DA5E-D9B4-472B-B275-C873797F55E9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D48B606B-8686-4ABE-BB50-BFFA569A3BC9}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{D59782C7-655A-4DF8-BAC6-C78F7FD26073}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{D6DF95C2-4A71-41DA-B3FD-EDF1CEE18315}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D81222B0-96CC-4B90-942D-94C2BB5248FF}" = protocol=6 | dir=out | app=system |
"{DD4101A7-1B9F-4DFE-9C82-4B57F7AF67F4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{DEB84199-EA07-4AB9-B19F-A003E063265A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DFC3A659-B32B-4E48-923C-EF72CC23D2F4}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E12CBFF1-E9C4-493F-9BB6-E71FB89C69A4}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E25400F1-62FF-496E-9FBD-948D06F2FA54}" = protocol=6 | dir=in | app=c:\program files\common files\soft602\langserv.exe |
"{E3A8BC6E-67A4-495A-B7F2-7476A269BE52}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{E4227BC0-772D-4E92-B58D-D150BE97178C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E5E646A1-6551-4926-8CE3-2BAEA4213BEB}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{E878EF4C-7EF2-4C14-8FCC-4E04128AA8BB}" = protocol=6 | dir=in | app=c:\program files\cisco packet tracer 5.3\bin\packettracer5.exe |
"{EA78F990-AF84-412A-908B-D096B8505B79}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{EB4582DD-D174-4E28-B95D-4627F26A5EC5}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{ED73EE68-B71D-4803-A48C-B7CA006D960E}" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{EF54B39A-F6E9-4DA6-87AE-DB8A4D810A4C}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{F11317ED-B456-4C62-9BC4-DA7955F59BA3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\magic the gathering - duels of the planeswalkers\dotp.exe |
"{F32BEA1A-F4B4-4E9F-BAF5-C159D1267AC5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F42AE48C-98DF-44E2-9DEC-9E2EB3112CAB}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{F4BCC727-8896-4D9F-ACD4-8F1B5A87E184}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F5245741-5FBC-450F-93BB-49FE887C5516}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F78915ED-3C6E-45CD-9132-B5FD31AC3316}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FCEB31F4-BB32-4EFD-9912-9981F83B51E9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FE2611B0-D4B7-4B42-AB17-60D4774708C6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"{FE879926-7761-4A80-AA1D-54D705FD7DD9}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\hp1006mc.exe |
"{FF18F27A-6B37-4E4C-86FF-5D311A14CB67}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version5\teamviewer.exe |
"TCP Query User{0293834C-AD5D-4D51-9E5D-F8883D7E000F}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"TCP Query User{145A3CF9-00EA-426C-AA81-1B273E983235}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{3898D09B-C6D5-4721-8561-67A97B163C5A}C:\program files\cisco systems\ciscocp\tools\jre1.5.0_11\bin\ciscocpengine.exe" = protocol=6 | dir=in | app=c:\program files\cisco systems\ciscocp\tools\jre1.5.0_11\bin\ciscocpengine.exe |
"TCP Query User{3FA8E44E-DD1B-4ADF-BB8F-692869B24A09}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"TCP Query User{8A183217-A699-4952-8F9F-0D3A17CD241E}C:\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"TCP Query User{91D7DE58-C54B-4CC7-B4C5-AD869FB05CE8}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{C8B8D0BC-946E-42EC-9CA6-C6C2568C3E46}C:\program files\spark\spark.exe" = protocol=6 | dir=in | app=c:\program files\spark\spark.exe |
"TCP Query User{D31B3EFE-72C0-4A91-89C2-64F490B17C09}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{D4E6AFF4-5FB2-4AF9-91E8-A02D18E80623}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{D713F01A-2EB3-4168-BE51-E2200DD8E478}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{EB586CDE-74FE-48B8-957A-5FA9CBD9075E}C:\program files\cisco packet tracer 5.3\bin\packettracer5.exe" = protocol=6 | dir=in | app=c:\program files\cisco packet tracer 5.3\bin\packettracer5.exe |
"UDP Query User{06A1763E-5A70-45D2-8C31-8D9E5F1EAE90}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{107C0DD0-6F29-4778-908B-70F23DC20451}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe |
"UDP Query User{19E28D09-172E-49AA-8ECA-271B29D38A11}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{3006A644-224E-4F36-83EB-E3EED3494C69}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{99CCED50-A793-4DE6-BBB3-0590AC380CA6}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{A78C35FD-5B6B-4B42-9DD9-5ECEF468C606}C:\program files\cisco systems\ciscocp\tools\jre1.5.0_11\bin\ciscocpengine.exe" = protocol=17 | dir=in | app=c:\program files\cisco systems\ciscocp\tools\jre1.5.0_11\bin\ciscocpengine.exe |
"UDP Query User{A81BE04D-5108-43BE-B266-8D912D182B28}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{B26B55F0-9EAD-4DFA-B8E5-A533410F490B}C:\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\xampp\apache\bin\httpd.exe |
"UDP Query User{D0002BC3-1E58-4587-AA98-5B124C588890}C:\program files\cisco packet tracer 5.3\bin\packettracer5.exe" = protocol=17 | dir=in | app=c:\program files\cisco packet tracer 5.3\bin\packettracer5.exe |
"UDP Query User{EF3511E7-6591-4D02-BA25-5DAB6CFCEBCB}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F526F162-A995-431B-8BE5-B8F4305F699C}C:\program files\spark\spark.exe" = protocol=17 | dir=in | app=c:\program files\spark\spark.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1C8A4EE2-9D97-440F-9D8D-DA19C9657178}" = AVG 2013
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{29342492-9F4F-4089-866A-10D801B610FD}" = Cisco Configuration Professional
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A1A9AB2-2F68-462D-A67D-7C855DFF5EEB}" = Microsoft Network Monitor: NetworkMonitor Parsers 3.4
"{5BF5F9C5-E95B-4AFA-94BE-F2A9CA73B61D}" = Apple Mobile Device Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{631E66F3-5BCC-4FF8-9F42-95AF0BFA38B7}" = AVG 2013
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2F2C44A-869E-4C32-9CEC-E22B1CC91F06}" = Microsoft Network Monitor 3.4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93E1798-E523-4152-BA23-35DF8A4928ED}" = STORMWARE POHODA CZ Start
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.07.14
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) - Czech
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5
"{D387C31D-971F-4EEC-8734-382B39AD04F0}" = Software602 Form Filler
"{D48E5272-5DE8-4BA9-9EBB-EECE26D3CDC9}" = NewSoft MCE Codec
"{DA02FED8-0E53-42A3-84E8-6C1E3E19FDD9}" = Microsoft Press Training Kit Exam Prep Suite 70-680
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}" = VGA USB Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F86AD773-5BC0-499B-9F48-4E0D5FED759D}" = Windows Live Zabezpečení rodiny
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Any Video Converter_is1" = Any Video Converter 3.0.7
"AVG" = AVG 2013
"BSPlayerf" = BS.Player FREE
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1007
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Family Tree Builder" = MyHeritage Family Tree Builder
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader" = Foxit Reader
"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.64
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HDvid Codec V1" = HDvid Codec V1
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Machinarium" = Machinarium
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Miranda IM" = Miranda IM 0.9.16
"Mozilla Firefox 23.0.1 (x86 cs)" = Mozilla Firefox 23.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Oxelon Media Converter_is1" = Oxelon Media Converter 1.1
"Picasa 3" = Picasa 3
"PSPad editor_is1" = PSPad editor
"Rainbow Sentinel Driver" = Sentinel System Driver
"Revo Uninstaller" = Revo Uninstaller 1.89
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"Spark 2.6.3.12555" = Spark 2.6.3.12555
"Steam App 49400" = Magic: The Gathering - Duels of the Planeswalkers
"SubtitleCreator" = SubtitleCreator
"TeamViewer 5" = TeamViewer 5
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.7
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xvid_is1" = Xvid 1.2.2 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"LiveOdds Application" = LiveOdds Application
"WinDirStat" = WinDirStat 1.1.2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14.9.2013 17:04:17 | Computer Name = CHANG | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 23.0.1.4974, časové
razítko: 0x520bc252 Název chybujícího modulu: xul.dll, verze: 23.0.1.4974, časové
razítko: 0x520bc166 Kód výjimky: 0xc0000005 Posun chyby: 0x0017af08 ID chybujícího
procesu: 0x44c Čas spuštění chybující aplikace: 0x01ceb17b5e282795 Cesta k chybující
aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe Cesta k chybujícímu modulu:
C:\Program Files\Mozilla Firefox\xul.dll ID zprávy: 372153ce-1d81-11e3-884f-0013d482c30c

Error - 15.9.2013 10:35:00 | Computer Name = CHANG | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\totalcmd\TCUNIN64.EXE se nezdařilo.
Závislé
sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 15.9.2013 10:38:11 | Computer Name = CHANG | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ OSession Events ]
Error - 7.4.2010 2:55:06 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 48
seconds with 0 seconds of active time. This session ended with a crash.

Error - 8.11.2010 10:29:40 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 49
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1.11.2011 20:17:00 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18653
seconds with 300 seconds of active time. This session ended with a crash.

Error - 27.12.2011 7:26:27 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 28.2.2013 8:14:19 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.5.2013 3:59:12 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2.7.2013 14:28:21 | Computer Name = CHANG | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 15.9.2013 15:02:27 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:02:29 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:05:28 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:05:30 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:05:32 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:05:34 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:06:03 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:06:05 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:06:07 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 15.9.2013 15:06:09 | Computer Name = CHANG | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.


< End of report >

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: please check my log

#11 Post by vyosek »

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (av9cberm)
    IE - HKLM\..\URLSearchHook: - No CLSID value found
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\.DEFAULT\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
    IE - HKU\S-1-5-18\..\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}: "URL" = http://www.basicscan.com/?prt=BASICSCAN115&keywords={searchTerms}
    IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA AC 81 29 B2 85 CA 01 [binary data]
    IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-592630318-3070953743-1396752941-1003\..\SearchScopes\{30104308-0EAA-4065-851B-6F5F2B49A7F2}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
    CHR - default_search_provider: Centrum.cz (Enabled)
    CHR - default_search_provider: search_url = http://search.centrum.cz/index.php?charset={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = 
    O13 - gopher Prefix: missing
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [2013.09.15 15:59:17 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Local\qb0E48F1.BE
    [2013.09.15 15:57:49 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Local\qb0CF315.70
    [2013.09.15 15:56:48 | 000,000,000 | ---D | C] -- C:\Users\Terezka\AppData\Local\qb0C04FF.D4
    [2013.09.15 15:55:22 | 000,365,056 | ---- | C] (forum.viry.cz) -- C:\Users\Terezka\Desktop\FRSTLauncher.exe
    [20 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [1 C:\Windows\SoftwareDistribution\Download\34040f093a63a8239849e531dfa4b587\*.tmp files -> C:\Windows\SoftwareDistribution\Download\34040f093a63a8239849e531dfa4b587\*.tmp -> ]
    [1 C:\Windows\SoftwareDistribution\Download\93b2a162e8b3bb5436cc44c65b27f920\*.tmp files -> C:\Windows\SoftwareDistribution\Download\93b2a162e8b3bb5436cc44c65b27f920\*.tmp -> ]
    [1 C:\Windows\SoftwareDistribution\Download\e0c387a3532f011996787d0ee3c3e144\*.tmp files -> C:\Windows\SoftwareDistribution\Download\e0c387a3532f011996787d0ee3c3e144\*.tmp -> ]
    [1 C:\Windows\SoftwareDistribution\Download\fc25d434859e8e4877046ce7775be24f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fc25d434859e8e4877046ce7775be24f\*.tmp -> ]
    [2013.09.15 20:47:01 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
    [2013.09.15 15:44:36 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    [2013.09.15 21:01:02 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    [2013.09.14 15:30:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003Core.job
    [2013.09.15 20:30:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003UA.job
    [2013.09.15 17:23:00 | 000,001,198 | ---- | M] () -- C:\Windows\Tasks\HDvid Codec V1-codedownloader.job
    [2013.09.15 17:23:00 | 000,001,108 | ---- | M] () -- C:\Windows\Tasks\HDvid Codec V1-enabler.job
    [2013.09.15 17:24:01 | 000,001,204 | ---- | M] () -- C:\Windows\Tasks\HDvid Codec V1-updater.job
    [2013.01.31 10:20:57 | 000,000,298 | ---- | M] () -- C:\Windows\Tasks\ROC_REG_JAN_DELETE.job
    @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B4227B4
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit (Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.


Re: please check my log

#12 Post by kocab22 »

Thanks. Everything done according to the instructions. So far it seems to me that the PC is still just as slow. Maybe a tiny improvement is visible, but for example Firefox startup is insanely long. I'm attaching the new log below:

All processes killed
========== OTL ==========
Service VMnetAdapter stopped successfully!
Service VMnetAdapter deleted successfully!
File system32\DRIVERS\vmnetadapter.sys not found.
Error: No service named av9cberm was found to stop!
Service\Driver key av9cberm not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33524C00-63FB-43DB-A6BF-0A4E14B24649}\ not found.
HKU\S-1-5-21-592630318-3070953743-1396752941-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-592630318-3070953743-1396752941-1003\Software\Microsoft\Internet Explorer\SearchScopes\{30104308-0EAA-4065-851B-6F5F2B49A7F2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30104308-0EAA-4065-851B-6F5F2B49A7F2}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Terezka\AppData\Local\qb0E48F1.BE folder moved successfully.
C:\Users\Terezka\AppData\Local\qb0CF315.70 folder moved successfully.
C:\Users\Terezka\AppData\Local\qb0C04FF.D4 folder moved successfully.
C:\Users\Terezka\Desktop\FRSTLauncher.exe moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DC2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A82.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43A4.tmp\System.Deployment.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43A4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4807.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D45.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5831.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8610.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP97B.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP988E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99ED.tmp\PresentationFramework.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP99ED.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB13A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC211.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC5FB.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC5FB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD7D7.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD7D7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE9C2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEFE.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFAD8.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFC86.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\34040f093a63a8239849e531dfa4b587\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\34040f093a63a8239849e531dfa4b587\$dpx$.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\93b2a162e8b3bb5436cc44c65b27f920\BITB71F.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\e0c387a3532f011996787d0ee3c3e144\BITB338.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\fc25d434859e8e4877046ce7775be24f\BITBE90.tmp deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003Core.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-592630318-3070953743-1396752941-1003UA.job moved successfully.
C:\Windows\Tasks\HDvid Codec V1-codedownloader.job moved successfully.
C:\Windows\Tasks\HDvid Codec V1-enabler.job moved successfully.
C:\Windows\Tasks\HDvid Codec V1-updater.job moved successfully.
C:\Windows\Tasks\ROC_REG_JAN_DELETE.job moved successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mcx1-CHANG
->Temp folder emptied: 516 bytes
->Temporary Internet Files folder emptied: 71403 bytes

User: Mcx2-CHANG
->Temp folder emptied: 516 bytes
->Temporary Internet Files folder emptied: 68246 bytes

User: Public

User: Radim

User: Terezka
->Temp folder emptied: 3290814 bytes
->Temporary Internet Files folder emptied: 4866455 bytes
->Java cache emptied: 4929621 bytes
->FireFox cache emptied: 348487167 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 6058 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 452 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 345,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Mcx1-CHANG

User: Mcx2-CHANG

User: Public

User: Radim

User: Terezka
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Mcx1-CHANG

User: Mcx2-CHANG

User: Public

User: Radim

User: Terezka
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09162013_153446

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: please check my log

#13 Post by vyosek »

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use

:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: Write whether anything has changed


Re: please check my log

#14 Post by kocab22 »

Hello, and thanks for the instructions. After the fixes the PC definitely seems faster to me, but Firefox still doesn't want to start. I don't have time right now, but I'll try uninstalling and reinstalling it tomorrow, is that OK? It sort of starts fastest when I launch it and then jump into the task manager with Ctrl+Alt+Del, and then the window appears. Thanks for the help. I'll write again after the Firefox reinstall.


Re: please check my log

#15 Post by vyosek »

Yes, definitely try reinstalling Firefox :)