
Log check

Márty84

Re: Log check

#31 Post by Márty84 »

At the beginning you posted a log from the newest version of RSIT, i.e. 1.09.
Now one from the old version (1.06). Why? I'd like the one from the new version, it shows more :)
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

RH46

Re: Log check

#32 Post by RH46 »

I deleted RSIT and then downloaded it again from the page
http://vyosek.ic.cz/pro_usery/RSIT.exe
I did not expect it to be a different version, my apologies.

Here is the log -

Logfile of random's system information tool 1.09 (written by random/random)
Run by RH at 2013-11-15 13:47:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 46 GB (30%) free of 153 GB
Total RAM: 1014 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:04, on 15.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\RSIT.exe
C:\Program Files\trend micro\RH.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Stáhnout FDM - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video FDM - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané FDM - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše FDM - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5581 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealNetworks Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29 539888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files\Free Download Manager\iefdm2.dll [2013-03-11 365056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"=C:\WINDOWS\SiSUSBrg.exe [2002-04-26 102400]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-03-18 188416]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-09-16 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-09-16 178712]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-09-16 150040]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-28 17331200]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-12-26 295072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files\Xvid\CheckUpdate.exe [2011-01-17 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^AVer HID Receiver.lnk]
C:\PROGRA~1\COMMON~1\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-01-05 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVerMedia\AVerQuick\AVerQuick.exe [2011-05-19 675840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Corel MEDIA FOLDERS INDEXER 8.LNK]
C:\Corel\GRAPHI~1\Programs\MFINDE~1.EXE [1998-01-12 83456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"TrkWks"=2
"TermService"=3
"TapiSrv"=3
"RemoteRegistry"=2
"RasMan"=3
"AVerScheduleService"=2
"AVerRemote"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-09-11 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe:*:Enabled:Nokia Launch Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Super Internet TV\Super Internet TV.exe"="C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Super Internet TV\Super Internet TV.exe:*:Enabled:Super Internet TV"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"msacm.ac3filter"=ac3filter.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.ACDV"=ACDV.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=tsccvid.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.HFYU"=huffyuv.dll
"wave1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-11-15 13:29:21 ----D---- C:\Program Files\Lavalys
2013-11-13 14:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-13 10:10:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-11-13 10:10:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-11-13 10:10:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-11-13 10:10:23 ----A---- C:\WINDOWS\imsins.BAK
2013-11-12 17:27:08 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2013-11-12 00:21:47 ----SHD---- C:\RECYCLER
2013-11-12 00:15:13 ----A---- C:\ComboFix.txt
2013-11-12 00:09:27 ----D---- C:\WINDOWS\temp
2013-11-11 23:48:55 ----A---- C:\WINDOWS\ntbtlog.txt
2013-11-10 17:19:25 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes' Anti-Malware (portable)
2013-11-10 17:18:14 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2013-11-10 16:59:28 ----A---- C:\Program Files\gcUninstall WeatherBlink.dll
2013-11-10 16:59:28 ----A---- C:\Program Files\gcres.dll
2013-11-10 15:43:45 ----A---- C:\WINDOWS\zip.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\SWSC.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\SWREG.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\sed.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\PEV.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\NIRCMD.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\MBR.exe
2013-11-10 15:43:45 ----A---- C:\WINDOWS\grep.exe
2013-11-10 15:43:24 ----D---- C:\Qoobox
2013-11-09 14:25:53 ----D---- C:\AdwCleaner
2013-11-09 12:52:29 ----D---- C:\Program Files\CCleaner
2013-11-07 16:18:47 ----D---- C:\imgs
2013-11-07 16:18:47 ----D---- C:\css
2013-11-07 00:09:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\VS

======List of files/folders modified in the last 1 month======

2013-11-15 13:48:04 ----D---- C:\WINDOWS\Prefetch
2013-11-15 13:48:00 ----D---- C:\Program Files\trend micro
2013-11-15 13:29:21 ----RD---- C:\Program Files
2013-11-15 12:27:50 ----SD---- C:\WINDOWS\Tasks
2013-11-15 00:43:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-11-15 00:33:05 ----D---- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Ancestry
2013-11-13 23:29:15 ----D---- C:\WINDOWS\system32\CatRoot2
2013-11-13 20:02:48 ----D---- C:\WINDOWS\system32
2013-11-13 19:58:25 ----D---- C:\WINDOWS\system32\drivers
2013-11-13 14:57:59 ----D---- C:\WINDOWS
2013-11-13 14:55:53 ----HD---- C:\WINDOWS\inf
2013-11-13 14:55:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-11-13 10:10:16 ----D---- C:\Program Files\Internet Explorer
2013-11-13 10:09:59 ----D---- C:\WINDOWS\ie8updates
2013-11-13 10:09:01 ----D---- C:\WINDOWS\system32\MRT
2013-11-13 10:05:30 ----D---- C:\WINDOWS\Debug
2013-11-13 10:05:16 ----A---- C:\WINDOWS\system32\MRT.exe
2013-11-12 00:11:35 ----A---- C:\WINDOWS\system.ini
2013-11-12 00:11:06 ----D---- C:\WINDOWS\system32\drivers\etc
2013-11-12 00:06:04 ----D---- C:\WINDOWS\AppPatch
2013-11-12 00:06:02 ----D---- C:\Program Files\Common Files
2013-11-11 19:43:08 ----D---- C:\WINDOWS\Minidump
2013-11-10 15:42:59 ----D---- C:\WINDOWS\ERDNT
2013-11-07 14:47:12 ----RSD---- C:\WINDOWS\assembly
2013-11-07 14:47:08 ----D---- C:\WINDOWS\Microsoft.NET
2013-11-07 13:44:23 ----SHD---- C:\WINDOWS\Installer
2013-11-07 13:44:23 ----D---- C:\Config.Msi
2013-11-07 13:39:38 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-11-07 00:39:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-07 00:39:23 ----D---- C:\WINDOWS\WinSxS
2013-11-04 16:40:38 ----D---- C:\WINDOWS\History
2013-10-20 20:22:04 ----D---- C:\Program Files\Zoom Player
2013-10-18 17:50:53 ----D---- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\vlc
2013-10-16 16:46:24 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-30 177864]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-01-26 20576]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-08-30 56080]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-07-08 28672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-09-11 6047904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-31 4942336]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2011-01-06 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AF9035HB;AF9035 Hybrid Device; C:\WINDOWS\System32\Drivers\AF9035HB.sys [2012-01-12 863616]
S3 AVerPola;AVerMedia USB Polaris Series Capture Service; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [2010-10-07 478464]
S3 AVPolCIR;AVerMedia USB Polaris Series Custom IR Service; C:\WINDOWS\system32\DRIVERS\AVPolCIR.sys [2010-10-07 38144]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 DfSdkS;Defragmentation-Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 406016]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2010-04-27 348160]
S4 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-04-01 403456]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2008-12-31 247152]

-----------------EOF-----------------

Márty84

Re: Log check

#33 Post by Márty84 »

So, one more scan and then we'll start deleting.

If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option "Otevrit normalne" (open normally).
Download OTL from http://oldtimer.geekstogo.com/OTL.exe, save it to the desktop and run it.
Tick the items (put check marks there) "Pro všechny uživatele" (for all users), "Kontrola na havěť "LOP"" (the "LOP" check) and "Kontrola na havěť "Purity"" (the "Purity" check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click "Prohledat" (scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).

RH46

Re: Log check

#34 Post by RH46 »

Done -

OTL logfile created on: 16.11.2013 0:49:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,23 Mb Total Physical Memory | 437,92 Mb Available Physical Memory | 43,18% Memory free
2,39 Gb Paging File | 1,91 Gb Available in Paging File | 79,81% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 44,90 Gb Free Space | 30,13% Space Free | Partition Type: NTFS

Computer Name: RH-9B6AEB81C62A | User Name: RH | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.11.16 00:16:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\OTL.exe
PRC - [2013.08.30 08:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 13:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.06.26 12:10:30 | 001,516,632 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.06.11 10:33:14 | 000,174,488 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.06.11 10:33:06 | 000,126,872 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2002.03.18 11:53:00 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe


========== Modules (No Company Name) ==========

MOD - [2013.11.15 19:52:41 | 002,237,440 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13111501\algo.dll
MOD - [2012.06.26 12:11:10 | 000,345,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
MOD - [2012.06.26 12:11:08 | 000,282,200 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
MOD - [2012.06.26 12:11:02 | 008,197,208 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtGUI4.dll
MOD - [2012.06.26 12:11:00 | 002,302,040 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
MOD - [2012.06.26 12:10:58 | 000,202,328 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
MOD - [2012.06.26 12:10:58 | 000,027,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
MOD - [2011.06.16 00:14:48 | 000,331,776 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2011.05.28 22:04:58 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.02.12 09:37:50 | 000,633,696 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\ContextHandler.dll
MOD - [1998.02.09 18:02:44 | 000,900,096 | ---- | M] () -- C:\Corel\Graphics8\Programs\CMFFld80.dll


========== Services (SafeList) ==========

SRV - [2013.10.08 20:00:47 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.08.30 08:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.04.04 13:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 13:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012.06.11 10:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.04.01 15:52:24 | 000,403,456 | R--- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2010.04.27 19:02:50 | 000,348,160 | R--- | M] (AVerMedia) [Disabled | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.08.24 21:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe -- (DfSdkS)
SRV - [2008.04.14 04:22:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013.08.30 08:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.30 08:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.08.30 08:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.08.30 08:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.30 08:48:12 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.08.30 08:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.30 08:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.08.30 08:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.04.04 13:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.11 10:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.12 21:22:42 | 000,863,616 | ---- | M] (ITE Technologies ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF9035HB.SYS -- (AF9035HB)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.01.06 13:20:55 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2010.10.07 03:17:32 | 000,038,144 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVPolCIR.sys -- (AVPolCIR)
DRV - [2010.10.07 03:17:22 | 000,478,464 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerPola.sys -- (AVerPola)
DRV - [2009.01.22 09:25:26 | 000,120,064 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.10.31 04:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.04.13 19:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2005.07.08 17:17:56 | 000,008,704 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2005.07.08 17:17:54 | 000,099,584 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.07.08 17:17:36 | 000,029,696 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDpass.sys -- (InCDPass)
DRV - [2005.07.08 16:17:31 | 000,028,672 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\InCDrm.sys -- (incdrm)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {597b1823-7ff0-4cd3-8095-9d8cba514992}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.tb.ask.com/search/GGmain. ... earchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.tb.ask.com/search/GGmain. ... earchTerms}
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@caminova.com/DjVuPlugin: C:\Program Files\Caminova\Document Express DjVu Plug-in\npdjvu.dll (Caminova, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.26 15:48:30 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Docs = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Disk Google = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Complitly plugin for chrome = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: RealDownloader = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.11.12 00:11:06 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O3 - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKU\S-1-5-21-606747145-1580436667-725345543-1003..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-1580436667-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-606747145-1580436667-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-606747145-1580436667-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-606747145-1580436667-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Stáhnout FDM - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video FDM - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše FDM - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané FDM - C:\Program Files\Free Download Manager\dlselected.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.211.45.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D31F89B1-0830-4543-9871-23DA11A30EA3}: DhcpNameServer = 213.211.45.3
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.29 15:36:05 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: VIDC.ACDV - C:\WINDOWS\System32\ACDV.dll (ACD Systems)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\HUFFYUV.DLL (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.11.16 00:05:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\OTL.exe
[2013.11.15 13:29:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Lavalys
[2013.11.15 13:29:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2013.11.12 00:21:47 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.11.12 00:09:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.11.10 17:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes' Anti-Malware (portable)
[2013.11.10 17:18:14 | 000,047,064 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013.11.10 16:59:28 | 000,716,360 | ---- | C] (MindSpark) -- C:\Program Files\gcUninstall WeatherBlink.dll
[2013.11.10 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\IAC
[2013.11.10 15:43:45 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.11.10 15:43:45 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.11.10 15:43:45 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.11.10 15:43:45 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.11.10 15:43:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.11.09 18:55:40 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Recent
[2013.11.09 14:25:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.09 12:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.11.07 16:18:47 | 000,000,000 | ---D | C] -- C:\imgs
[2013.11.07 16:18:47 | 000,000,000 | ---D | C] -- C:\css
[2013.11.07 00:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\VS

========== Files - Modified Within 30 Days ==========

File not found -- C:\WINDOWS\System32\
[2013.11.16 00:51:36 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.16 00:16:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\OTL.exe
[2013.11.16 00:00:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.11.15 21:35:21 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2013.11.15 21:35:19 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.11.15 21:35:18 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2013.11.15 21:35:18 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2013.11.15 21:35:08 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.15 21:34:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.15 13:06:34 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\RSIT.exe
[2013.11.14 14:06:02 | 000,002,503 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Microsoft Excel.lnk
[2013.11.13 21:21:25 | 000,002,565 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\ACDSee 9 Photo Manager.lnk
[2013.11.13 10:10:58 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.11.12 00:11:06 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.11.11 22:01:03 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2013.11.11 19:43:06 | 1063,608,320 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013.11.11 19:18:33 | 000,047,064 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013.11.10 16:54:25 | 000,716,360 | ---- | M] (MindSpark) -- C:\Program Files\gcUninstall WeatherBlink.dll
[2013.11.10 16:54:25 | 000,190,848 | ---- | M] () -- C:\Program Files\gcres.dll
[2013.11.09 18:57:02 | 000,009,968 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Dokumenty\cc_20131109_185657.reg
[2013.11.09 12:52:34 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\CCleaner.lnk
[2013.11.07 16:59:15 | 000,000,880 | ---- | M] () -- C:\.Ancestry2html.properties
[2013.11.07 16:36:22 | 000,001,529 | ---- | M] () -- C:\.progressbar.properties
[2013.11.07 00:39:45 | 000,519,056 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.11.07 00:39:45 | 000,513,790 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.11.07 00:39:45 | 000,113,302 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.11.07 00:39:45 | 000,098,624 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.11.06 21:26:16 | 000,005,677 | ---- | M] () -- C:\trl.cfg

========== Files Created - No Company Name ==========

File not found -- C:\WINDOWS\System32\
[2013.11.16 00:11:47 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.15 13:06:30 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\RSIT.exe
[2013.11.13 10:10:23 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.11.10 16:59:28 | 000,190,848 | ---- | C] () -- C:\Program Files\gcres.dll
[2013.11.10 15:43:45 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.11.10 15:43:45 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.11.10 15:43:45 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.11.10 15:43:45 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.11.10 15:43:45 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.11.09 18:57:00 | 000,009,968 | ---- | C] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Dokumenty\cc_20131109_185657.reg
[2013.11.09 12:52:34 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\CCleaner.lnk
[2013.11.07 16:18:53 | 000,001,529 | ---- | C] () -- C:\.progressbar.properties
[2013.09.29 17:08:57 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\btfzj8bn.ctrl
[2013.09.29 17:08:54 | 095,025,368 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\btfzj8bn.pff
[2013.06.27 21:55:45 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.27 08:48:27 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.27 08:48:27 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.03.15 22:58:04 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.15 22:58:02 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.12.17 18:05:25 | 000,000,108 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2012.12.17 17:06:59 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2012.12.17 17:06:59 | 000,003,456 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2012.12.17 17:06:40 | 000,614,400 | R--- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2012.12.17 17:06:40 | 000,421,888 | R--- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2012.12.17 17:06:40 | 000,307,200 | R--- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2012.12.17 17:06:40 | 000,307,200 | R--- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2012.12.17 17:06:40 | 000,294,912 | R--- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2012.12.17 17:06:40 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2012.12.17 17:06:39 | 000,311,296 | R--- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2012.10.17 19:14:39 | 000,000,135 | ---- | C] () -- C:\WINDOWS\huffyuv.ini
[2012.10.11 22:20:20 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012.10.11 22:20:20 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012.10.11 21:48:20 | 000,178,688 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2012.02.16 11:01:56 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.09 15:23:55 | 000,135,870 | ---- | C] () -- C:\WINDOWS\System32\mspaint.exe.EX_
[2012.01.12 21:36:04 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.11.26 16:58:14 | 000,000,844 | ---- | C] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\FASTWiz.html
[2011.02.09 13:29:51 | 000,000,138 | ---- | C] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\fusioncache.dat
[2011.01.05 22:23:00 | 000,067,584 | ---- | C] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.26 23:14:47 | 000,147,624 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.04.13 11:17:45 | 000,000,000 | ---- | C] () -- C:\Program Files\uziv.dat
[2010.04.08 13:48:08 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe

========== ZeroAccess Check ==========

[2011.01.09 16:17:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.03.31 16:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ACD Systems
[2010.08.05 12:12:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Aegisub
[2010.07.31 17:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer
[2010.07.31 13:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BSplayer Pro
[2010.04.14 13:38:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\concept design
[2010.11.25 12:46:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\esmska
[2010.04.14 13:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FDRLab
[2010.04.01 22:18:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\GARMIN
[2010.06.10 23:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Livestation
[2010.06.10 23:28:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mchid
[2010.06.04 10:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mikrotik
[2010.03.31 21:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nokia
[2010.06.27 12:45:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PC Suite
[2010.11.21 15:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\PPStream
[2010.06.10 10:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sammsoft
[2010.04.13 22:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
[2010.04.04 19:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\VitySoft
[2010.11.29 22:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vShare
[2010.04.20 18:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.03.29 16:30:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2010.04.01 17:10:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GARMIN
[2010.03.31 14:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.03.31 20:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2010.06.27 12:45:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.04.10 19:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2010.04.10 19:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Plus
[2010.04.10 19:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio Ultimate
[2010.06.20 21:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Rapidshare Search Tool
[2010.10.30 21:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ReviverSoft
[2010.04.10 19:51:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Studio 12
[2010.06.01 14:52:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TechSmith
[2010.09.20 21:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Temp
[2011.01.06 13:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ACD Systems
[2011.01.05 17:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Alwil Software
[2013.05.10 15:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2013.01.08 22:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVerTV 3D
[2013.06.06 22:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Free Download Manager
[2011.01.12 23:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GARMIN
[2012.07.31 21:33:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Installations
[2011.02.12 23:32:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Nokia
[2011.02.08 12:57:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NokiaInstallerCache
[2011.02.12 23:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
[2012.04.22 18:06:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TechSmith
[2012.07.03 22:15:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Temp
[2013.11.07 00:09:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\VS
[2011.01.04 19:45:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH\Data aplikací\BSplayer
[2011.01.06 13:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\ACD Systems
[2013.06.15 21:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Agelong Tree
[2013.11.15 00:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Ancestry
[2013.01.10 19:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\avidemux
[2011.11.29 00:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer
[2011.01.05 22:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer Pro
[2011.08.08 12:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\esmska
[2013.06.09 22:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Free Download Manager
[2012.06.24 19:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GARMIN
[2012.08.17 21:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GeoGet
[2011.01.16 20:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GetRightToGo
[2012.07.04 21:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Niroa
[2011.03.12 17:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Nokia
[2011.06.16 17:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\PC Suite
[2011.06.09 23:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Reviversoft
[2011.03.17 20:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Uniblue
[2011.01.05 19:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\VitySoft
[2012.06.29 16:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Xaufu

========== Purity Check ==========



========== Custom Scans ==========

< >
[2011.01.05 15:53:04 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.01.05 16:00:32 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.07.06 11:15:10 | 000,000,280 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2011.07.06 11:15:11 | 000,000,272 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2012.08.24 12:40:09 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.12.26 15:49:29 | 000,000,280 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job
[2013.05.10 15:33:29 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.10.16 11:02:38 | 000,000,272 | ---- | C] () -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job

< >

< >

< %systemroot%*.* /U /s >
[43 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[29 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.06 13:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\ACD Systems
[2013.03.16 11:34:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Adobe
[2013.06.15 21:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Agelong Tree
[2013.11.15 00:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Ancestry
[2013.01.10 19:28:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\avidemux
[2011.11.29 00:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer
[2011.01.05 22:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer Pro
[2011.07.10 17:44:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Corel
[2011.10.13 19:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\CyberLink
[2011.08.08 12:36:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\esmska
[2013.06.09 22:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Free Download Manager
[2012.06.24 19:34:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GARMIN
[2012.08.17 21:27:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GeoGet
[2011.01.16 20:49:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GetRightToGo
[2011.01.16 21:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Help
[2011.02.09 14:10:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\HP
[2011.05.12 19:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\HpUpdate
[2011.01.05 16:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Identities
[2011.01.05 18:00:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Macromedia
[2011.01.29 16:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Malwarebytes
[2012.07.18 19:50:31 | 000,000,000 | --SD | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Microsoft
[2012.07.04 21:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Niroa
[2011.03.12 17:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Nokia
[2011.06.16 17:13:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\PC Suite
[2011.01.06 12:46:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\PSpad
[2012.12.26 15:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Real
[2012.12.26 15:49:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\RealNetworks
[2011.06.09 23:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Reviversoft
[2011.01.05 19:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Sun
[2011.03.17 20:17:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Uniblue
[2011.01.05 19:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\VitySoft
[2013.10.18 17:50:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\vlc
[2012.02.03 19:29:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\WinRAR
[2012.06.29 16:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Xaufu

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2013.06.06 22:58:36 | 007,724,781 | ---- | M] (FreeDownloadManager.ORG ) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Free Download Manager\Update\fdminst.exe
[2012.06.27 13:36:52 | 000,722,432 | ---- | M] () -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GeoGet\script\geojarry\geojarryw.exe
[2013.03.20 22:33:57 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
[2012.01.22 18:38:40 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe
[2011.12.15 14:46:30 | 026,922,432 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\RealPlayer.exe
[2011.12.02 21:37:17 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_exe\RealPlayer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.11.27 19:53:56 | 000,524,288 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.11.27 18:42:07 | 000,077,824 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2011.11.27 19:53:56 | 028,450,816 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.11.27 19:53:56 | 006,553,600 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.13 10:05:16 | 080,340,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2013.11.15 21:35:08 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"PC Suite Tray" = "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray -- [2012.06.26 12:10:30 | 001,516,632 | ---- | M] (Nokia)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.11.16 00:51:36 | 000,000,512 | ---- | M] () MD5=0EBD4B947214D42558570EECF4966C9B -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[1997.02.27 23:43:24 | 000,016,068 | ---- | M] () -- \Corel\Graphics8\Custom\Canvas\cracks2c.pcx
[1997.10.07 00:17:00 | 000,010,484 | ---- | M] () -- \Corel\Graphics8\Custom\Tiles\CRACKS2M.CPT
[2010.11.21 13:50:35 | 000,001,047 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Data aplikací\MyAshampoo\Rss\http___crackle_com_rss_media_sxsw_featured_rss.xml
[2010.09.24 18:27:33 | 000,000,660 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Odkazy\Cracky Články - FireZONE.sk.url
[2010.04.20 23:07:18 | 000,000,168 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Programy\Brutus - The Remote Password Cracker.url
[2010.05.25 22:50:27 | 000,001,289 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Programy\TechSmith Camtasia Studio v6.0.0.689 ke stáhnutí, rapidshare, crack.url
[2010.09.15 13:56:02 | 000,000,182 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Stránky\CRACKY - PeComp -Návody,OS,software, antivíri- všetko tu!.url
[2010.04.13 21:09:21 | 000,210,109 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\Heslo RAR\rar-password-cracker.exe
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Data aplikací\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif
[2012.11.15 18:11:02 | 000,004,412 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\jd\plugins\hoster\CrackedCom.class
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Program Files\GeoGet\distdata\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif

< *keygen* /s >
[2012.12.23 23:22:57 | 011,303,433 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Video konverter\OJOsoft.Total.Video.Converter.2.7.3.1204.Incl.Keygen-AT4RE.rar
[2009.05.07 15:40:28 | 000,050,176 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Video konverter\OJOsoft.Total.Video.Converter.2.7.3.1204.Incl.Keygen-AT4RE_hardal\OJOsoft Total Video Converter 2.7.3.1204\Keygen-AT4RE\Keygen.exe

< *AntiWPA* /s >

< *loader* /s >
[1997.07.25 05:31:36 | 000,010,817 | ---- | M] () -- \Corel\Graphics8\Barista\animationlib\B_loader.class
[2010.10.22 23:43:14 | 000,000,264 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\FreeRapid Downloader 0.83u1 download - Slunečnice.cz - programy ke stažení zdarma.url
[2010.10.22 23:07:16 | 000,000,274 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Web Jaroslava Čapka - Download-ke stažení - Free Rapid Downloader.url
[2010.04.05 19:47:21 | 000,000,552 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Programy\FreeRapid Downloader - Download.url
[2010.04.05 19:41:15 | 000,000,377 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Programy\FreeRapid Downloader - Plugins.url
[2010.08.27 13:50:48 | 000,000,135 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Programy\http--www.predplacenky.cz-pdf-jdownloader.pdf.url
[2010.08.27 13:42:10 | 028,253,422 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\Jdownloader\JDownloaderSetup.exe
[2008.06.23 11:47:14 | 000,486,216 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\Pinnacle studio 12\Studio12U\Studio12UPG\Vitascene\current\imageloader10x1.dll
[2003.06.30 08:37:34 | 000,002,315 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\Smoky City Design\The Panorama Factory\help\loader.js
[2011.03.29 15:23:31 | 000,002,315 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\Smoky City Design\The Panorama Factory\help\csy\loader.js
[2010.08.05 15:44:20 | 010,901,573 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\Subdownloader\SubDownloader-2.0.10.exe
[2012.11.29 20:30:58 | 000,013,246 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.11.29 20:10:16 | 000,000,319 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.11.29 20:35:38 | 000,002,584 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Data aplikací\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
[2012.12.26 15:48:35 | 000,002,495 | ---- | M] () -- \Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\RealNetworks\RealDownloader.lnk
[2012.01.16 20:13:10 | 000,002,296 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\ApplicationHistory\Trainz Downloader Pro.exe.b9c4e0e2.ini
[2013.11.15 23:19:15 | 000,001,232 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\FHES3BS4\oneMscomJsCssLoader[1].js
[2013.11.15 22:49:57 | 000,003,087 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\K5SM5FL7\gif_preloader[1].gif
[2013.11.15 23:19:22 | 000,003,061 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\K5SM5FL7\rmsloaderdelayeddiv[1].js
[2013.11.15 23:40:16 | 000,175,314 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\XB6D2MA1\FeatureLoader.js[1].php
[2013.11.15 23:40:52 | 000,014,096 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\XB6D2MA1\loader-screenshot[1].gif
[2013.11.15 23:20:35 | 000,004,448 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\YCLI0T1O\Advert.Advantage.Reloader[1].js
[2013.11.15 23:40:55 | 000,003,208 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\YCLI0T1O\ajax-loader-gray[1].gif
[2013.11.15 22:49:13 | 000,001,174 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\YCLI0T1O\preloader[1].js
[2013.11.15 22:44:06 | 000,006,804 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\YCLI0T1O\vloader[1].gif
[2013.11.15 22:49:13 | 000,007,350 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\YJ0IJXOS\preloader[1].css
[2013.11.15 22:52:39 | 000,002,608 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\Z2KULU09\ajax-loader-soccer[1].gif
[2013.11.15 23:17:05 | 000,061,619 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Temporary Internet Files\Content.IE5\Z2KULU09\yuiloader-dom-event[1].js
[2007.07.11 13:30:12 | 004,697,176 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\PoiLoader.exe
[2007.07.11 13:30:18 | 001,297,496 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\POILoader_Lang.dll
[2008.03.15 22:20:16 | 000,001,643 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\Garmin\POI Loader.lnk
[2008.03.15 20:43:32 | 010,568,992 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\POI loader body\POILoaderforWindows_242.exe
[2012.11.15 18:02:26 | 031,419,822 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader.zip
[2011.03.07 12:12:48 | 000,214,528 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\JDownloader.exe
[2011.03.07 12:12:48 | 000,593,293 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\JDownloader.jar
[2010.12.15 13:59:32 | 000,218,816 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\JDownloaderBETA.exe
[2010.12.15 13:59:32 | 000,218,816 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\JDownloaderD3D.exe
[2012.11.15 18:06:27 | 000,000,105 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\jd\img\hosterlogos\uploader.pl.png
[2012.11.15 18:09:21 | 000,011,071 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\jd\plugins\hoster\MyDownloaderNet.class
[2012.11.15 18:09:10 | 000,004,468 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\jd\plugins\hoster\OmpLoaderOrg.class
[2012.11.15 18:08:32 | 000,007,073 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\jd\plugins\hoster\UploaderPl.class
[2011.03.07 12:14:46 | 000,032,222 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Stahování videa\JDownloader\licenses\jdownloader.license
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\WinRAR\RarExtLoader.exe
[1998.05.06 16:59:40 | 000,108,544 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.dll
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.tlb
[2010.03.18 22:21:56 | 000,063,312 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2010.03.17 23:17:14 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2012.12.06 23:38:40 | 000,268,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2012.12.06 23:38:40 | 000,019,000 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.04.10 19:36:40 | 002,184,488 | ---- | M] () -- \Program Files\CyberLink\Shared Files\Plugin\5.0\CES_3DLoaderFBX.dll
[2012.06.26 11:36:20 | 000,002,560 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2012.11.30 14:22:10 | 000,251,793 | ---- | M] () -- \Program Files\RealNetworks\RealDownloader\downloader.vs
[2010.09.20 14:06:46 | 000,423,190 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Module_Loader.swf
[2010.09.20 14:06:46 | 000,002,223 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_azul_preloader.swf
[2010.09.20 14:06:46 | 000,001,841 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_black_outline_preloader.swf
[2010.09.20 14:06:46 | 000,001,810 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_black_preloader.swf
[2010.09.20 14:06:46 | 000,002,173 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_blue_preloader.swf
[2010.09.20 14:06:46 | 000,028,899 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_branded_large_preloader.swf
[2010.09.20 14:06:46 | 000,017,183 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_branded_small_preloader.swf
[2010.09.20 14:06:46 | 000,002,140 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_gray_grad_preloader.swf
[2010.09.20 14:06:46 | 000,001,845 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp7_white_preloader.swf
[2010.09.20 14:06:46 | 000,002,278 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_azul_preloader.swf
[2010.09.20 14:06:46 | 000,001,899 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_black_outline_preloader.swf
[2010.09.20 14:06:46 | 000,001,863 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_black_preloader.swf
[2010.09.20 14:06:46 | 000,002,227 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_blue_preloader.swf
[2010.09.20 14:06:46 | 000,028,967 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_branded_large_preloader.swf
[2010.09.20 14:06:46 | 000,017,248 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_branded_small_preloader.swf
[2010.09.20 14:06:46 | 000,002,204 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_gray_grad_preloader.swf
[2010.09.20 14:06:46 | 000,001,899 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\fp8_white_preloader.swf
[2010.09.20 14:06:46 | 000,236,529 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 7\Media\Studio\Swf\Preloaders\preloaders_src.zip
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1996.10.15 08:53:16 | 000,078,848 | ---- | M] () -- \WINDOWS\system32\INLOADER.DLL

< *minodlogin* /s >

< *tnod* /s >
[1998.02.03 21:34:04 | 000,000,790 | ---- | M] () -- \Corel\Graphics8\Tutors\Draw\HTMLDocs\HTMLPics\contnode.gif

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 14:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2010.10.30 20:14:39 | 000,000,451 | ---- | M] () -- \Documents and Settings\Administrator\Oblíbené položky\Programy\Serials & keys - unlocks the world.url
[2008.04.11 18:26:20 | 000,000,045 | ---- | M] () -- \Documents and Settings\Administrator\Plocha\Nové\ZD Soft\ZD_Soft_Game_Recorder_2.0.1.0\ZD Soft Game Recorder 2.0.1.0\Serial.txt
[2008.04.15 10:20:56 | 000,079,120 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\HfxSerial.exe
[2008.04.15 10:39:48 | 000,010,000 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-CHS.dll
[2008.04.15 10:39:48 | 000,011,024 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-DEU.dll
[2008.04.15 10:39:48 | 000,010,512 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ESP.dll
[2008.04.15 10:39:48 | 000,011,024 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-FRA.dll
[2008.04.15 10:39:48 | 000,010,512 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-ITA.dll
[2008.04.15 10:39:48 | 000,010,512 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-JPN.dll
[2008.04.15 10:39:48 | 000,010,512 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-KOR.dll
[2008.04.15 10:39:48 | 000,011,024 | ---- | M] () -- \Documents and Settings\All Users\Dokumenty\Pinnacle\Content\HollywoodFX\Languages\HfxSerial-NLD.dll
[2010.04.20 18:34:34 | 000,000,150 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\ACDSee 9\ACDSee v9.0 + kody + cestina\serials.txt
[2012.04.22 17:53:54 | 179,273,996 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Camtasia 7\Camtasia-Studio-7-Full-with-serial.rar
[2005.01.18 14:30:06 | 000,000,047 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\Garmin\Infomapa 11\InfoMapa v.11 Complete Edition (2003) CZ\serial number\# _ idos - serial.txt
[2005.01.18 14:30:06 | 000,000,285 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\Garmin\Infomapa 11\InfoMapa v.11 Complete Edition (2003) CZ\serial number\#_ INFOMAPA11serial.txt
[2005.01.18 14:30:08 | 000,000,016 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\Garmin\Infomapa 11\InfoMapa v.11 Complete Edition (2003) CZ\serial number\Infomapa v.11 - serial.txt
[2005.01.18 14:30:08 | 000,000,016 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\Garmin\Infomapa 11\InfoMapa v.11 Complete Edition (2003) CZ\serial number\INFOMAPA11serial.txt
[2005.01.18 14:30:10 | 000,000,016 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Garmin\Garmin\Infomapa 11\InfoMapa v.11 Complete Edition (2003) CZ\serial number\serial.txt
[2011.01.04 23:51:08 | 004,311,132 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Satelitní TV\The Best Software Satellite TV For PC Of 2011\AnyTV Pro Ultimate Edition 2011 v4.55 + Serial Setup\AnyTV Pro Ultimate Edition 2011 v4.55 + Serial Setup.exe
[2011.01.04 23:51:48 | 008,584,235 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Satelitní TV\The Best Software Satellite TV For PC Of 2011\Direct Satellite PC v2.0.5.0 + Serial Setup\Direct Satellite PC v2.0.5.0 + Serial Setup.exe
[2011.01.04 23:51:39 | 003,146,380 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Satelitní TV\The Best Software Satellite TV For PC Of 2011\Dont Pay TV 2011 + Serial Setup\Dont Pay TV 2011 + Serial Setup.exe
[2011.01.04 23:51:51 | 019,852,159 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Satelitní TV\The Best Software Satellite TV For PC Of 2011\Satellite TV PC Master v6.0 + Serial Setup\Satellite TV PC Master v6.0 + Serial Setup.exe
[2011.01.04 23:51:50 | 016,551,090 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Satelitní TV\The Best Software Satellite TV For PC Of 2011\Super Internet TV Premium Edition 2011 v8.1 + Serial Setup\Super Internet TV Premium Edition 2011 v8.1 + Serial Setup.exe
[2011.01.04 23:51:08 | 012,324,240 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Satelitní TV\The Best Software Satellite TV For PC Of 2011\Tube Station TV v3.3 + Serial Setup\Tube Station TV v3.3 + Serial Setup.exe
[2009.12.25 23:27:56 | 000,000,076 | ---- | M] () -- \Documents and Settings\RH.RH-9B6AEB81C62A\Plocha\Nové\Video konverter\OJOsoft.Total.Video.Converter.2.7.3.1204.Incl.Keygen-AT4RE_hardal\OJOsoft Total Video Converter 2.7.3.1204\Serials.txt
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.10 14:01:18 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2009.09.30 19:16:22 | 000,000,602 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\VBExpress\Snippets\1033\other\connectivity\EnumerateSerialPorts.snippet
[2009.09.30 19:16:22 | 000,001,173 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\VBExpress\Snippets\1033\other\connectivity\ReadDatafromaSerialPort.snippet
[2009.09.30 19:16:22 | 000,001,498 | ---- | M] () -- \Program Files\Microsoft Visual Studio 10.0\Common7\IDE\VBExpress\Snippets\1033\other\connectivity\UseaSerialPorttoDialaPhoneNumber.snippet
[2010.03.18 18:31:26 | 000,370,552 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,042,904 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.31 02:48:08 | 000,009,272 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2009.08.31 02:48:08 | 000,285,032 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client\System.Runtime.Serialization.xml
[2010.03.18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 18:47:54 | 000,007,862 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 21:09:56 | 000,332,539 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\System.Runtime.Serialization.xml
[2010.03.18 18:31:26 | 000,429,432 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.dll
[2010.03.18 18:31:26 | 000,032,664 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.dll
[2009.10.22 18:47:54 | 000,007,862 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.Formatters.Soap.xml
[2010.01.10 21:09:56 | 000,332,539 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0\Profile\Client\System.Runtime.Serialization.xml
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.08.31 02:48:08 | 000,285,032 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\en\System.Runtime.Serialization.xml
[2010.09.28 22:06:13 | 000,352,256 | ---- | M] () -- \Program Files\Sublight\Sublight.Lib.XmlSerializers.dll
[2010.11.20 10:02:59 | 000,405,504 | ---- | M] () -- \Program Files\Sublight\Sublight.XmlSerializers.dll
[2006.03.02 13:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2011.02.09 13:26:27 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.02.10 11:32:47 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.10 14:15:33 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.09 13:45:55 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 19:45:56 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.15 10:56:25 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2013.11.07 13:56:11 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\85610994cd62a325ec3e429123c0164d\System.Runtime.Serialization.ni.dll
[2013.08.15 20:18:50 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.07 14:04:02 | 000,009,728 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\db09e05a47e2c198650671b800eefc04\System.Xml.Serialization.ni.dll
[2010.03.18 12:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.11.07 00:30:36 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.11.07 00:29:30 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.11.07 00:30:50 | 000,011,632 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 19:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 07:08:04 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2009.08.31 02:48:08 | 000,009,272 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\en\System.Runtime.Serialization.Formatters.Soap.xml
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.10 04:10:40 | 000,011,632 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 13:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< >

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Temp:5F64C164

< End of report >

RH46
Visitor
Posts: 88
Registered: 02 Sep 2008 22:41

Re: log check

#35 Post by RH46 »

Second report -

OTL Extras logfile created on: 16.11.2013 0:49:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,23 Mb Total Physical Memory | 437,92 Mb Available Physical Memory | 43,18% Memory free
2,39 Gb Paging File | 1,91 Gb Available in Paging File | 79,81% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 44,90 Gb Free Space | 30,13% Space Free | Partition Type: NTFS

Computer Name: RH-9B6AEB81C62A | User Name: RH | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-606747145-1580436667-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Program Files\ACD Systems\ACDSee\9.0\ACDSeeQV.exe" "%1" (ACD Systems Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" = C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe:*:Enabled:Nokia Launch Application -- (Nokia)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Super Internet TV\Super Internet TV.exe" = C:\Documents and Settings\RH.RH-9B6AEB81C62A\Local Settings\Data aplikací\Super Internet TV\Super Internet TV.exe:*:Enabled:Super Internet TV -- (Ahusoft)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0FD155A3-DF78-43ee-84B0-3CC86BA962F2}_is1" = Sothink Video Converter
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{13F054F3-0B07-4D15-9E80-C55B496AB557}" = Garmin Communicator Plugin
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{17577A7A-DA8C-4EA4-BBC2-1C8BDB5AF641}" = hpg3800
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2E8C03EC-E09F-4868-A4AC-02B9285D3E09}" = Document Express DjVu Plug-in
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}" = Camtasia Studio 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5016185F-05AF-455F-AA70-6B6E5D6D4E70}" = AVerTV 3D
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{644F4910-E812-49AD-93EC-86828CB81A0D}" = PC Connectivity Solution
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67B9AF41-C0B9-4960-84D9-A61D23DE85D8}" = Garmin Trip and Waypoint Manager v4
"{67E0988E-EF9F-481E-B334-2965A50A5176}" = Atlas Czech 7 NT
"{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77812021-EECC-419F-A906-F44B78A4C5F5}" = TOPO Czech v 1.20
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{7C1673C5-CC42-4bba-9425-EE25E646CAE7}" = HP Scanjet 3800 series
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}" = Nokia PC Suite
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = RTLSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{AAA272AB-298D-477f-B611-D8AE4B91E54B}" = hpg3800QFolder
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B2D41883-3BFC-4BA0-A2F6-5A2C9836C238}" = ACDSee 9 Photo Manager
"{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1" = JPEGCrops 0.7.5 beta
"{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"A5F5C05F-717B-73C4-3160-2ABA7041614D" = Esmska
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"avast" = avast! Free Antivirus
"AVerMedia H830 USB Hybrid TV" = AVerMedia H830 USB Hybrid TV 10.2.0.46
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Corel Uninstaller" = Corel Uninstaller
"CzechRep_by_Dave_Luv" = CzechRep_by_Dave_Luv
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"GeoGet_is1" = GeoGet 2.7.0.687
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"hp deskjet 5550 series_Driver" = hp deskjet 5550 series
"HP Imaging Device Functions" = HP Imaging Device Functions 5.3
"HP Photo & Imaging" = HP Image Zone 5.3
"hp print screen utility" = hp print screen utility
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3
"HUFFYUV" = Huffyuv AVI lossless video codec (Remove Only)
"ie8" = Windows Internet Explorer 8
"InCD!UninstallKey" = InCD
"InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}" = AVerTV 3D
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.1.0 (Basic)
"Malsingmaps.com Malaysia/Singapore/Brunei Map_is1" = MSM 2012 NT v5.57
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"Nokia PC Suite" = Nokia PC Suite
"OMP Austria 3D_is1" = OMP Austria 3D
"RealPlayer 16.0" = RealPlayer
"Slovakia_by_Dave_Luv" = Slovakia_by_Dave_Luv
"SubtitleWorkshop" = Subtitle Workshop 2.51
"VLC media player" = VLC media player 1.1.11
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-606747145-1580436667-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Super Internet TV (Free Edition)_is1" = Super Internet TV v8.1 (Free Edition)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.11.2013 19:23:47 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:25:39 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:27:33 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:29:11 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:43:11 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:44:16 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:45:06 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:46:56 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:47:56 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.11.2013 19:49:21 | Computer Name = RH-9B6AEB81C62A | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OTL.exe, verze 3.2.69.0, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 12.11.2013 12:26:37 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm Fips intelppm IPSec MRxSmb NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
WS2IFSL

Error - 12.11.2013 13:54:37 | Computer Name = RH-9B6AEB81C62A | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 12.11.2013 13:55:58 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 13.11.2013 4:40:51 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 13.11.2013 9:49:33 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 13.11.2013 9:57:50 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 14.11.2013 9:02:09 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 14.11.2013 12:43:46 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 15.11.2013 7:27:38 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN

Error - 15.11.2013 16:34:55 | Computer Name = RH-9B6AEB81C62A | Source = Service Control Manager | ID = 7003
Description = Služba Simple Mail Transport Protocol (SMTP) závisí na následující
neexistující službě: IISADMIN


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#36 Post by Márty84 »

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands).

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[ClearAllRestorePoints]

:services
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {597b1823-7ff0-4cd3-8095-9d8cba514992}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XN^xdm246^YYA^cz&si=CH_WEAT_INTL_CZE_49&ptb=9CCA1A71-10BE-4ED9-8979-C3BC9C1AAE3E&psa=&ind=2013111010&st=sb&n=77fda2e2&searchfor={searchTerms}
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}: "URL" = http://search.tb.ask.com/search/GGmain.jhtml?p2=^XN^xdm246^YYA^cz&si=CH_WEAT_INTL_CZE_49&ptb=9CCA1A71-10BE-4ED9-8979-C3BC9C1AAE3E&psa=&ind=2013111010&st=sb&n=77fda2e2&searchfor={searchTerms}
O3 - HKU\S-1-5-21-606747145-1580436667-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
[43 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[29 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
@Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Temp:5F64C164

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]

Click Run Fix and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

RH46
Visitor
Posts: 88
Joined: 02 Sep 2008 22:41

Re: log check

#37 Post by RH46 »

Unfortunately the fix did not succeed. I did everything as recommended;
after starting OTL all the icons disappeared from the screen,
the program reported "killing processes" but nothing happened.
After an hour I forcibly terminated the program.
Please advise what to do next, thank you.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#38 Post by Márty84 »

Try it in safe mode.

RH46
Visitor
Posts: 88
Joined: 02 Sep 2008 22:41

Re: log check

#39 Post by RH46 »

This time it went through without a problem,
here is the log -

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: A002471

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Administrator.RH-9B6AEB81C62A
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 297299 bytes

User: All Users

User: All Users.WINDOWS

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User.WINDOWS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService.NT AUTHORITY.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: RH
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: RH.RH-9B6AEB81C62A
->Temp folder emptied: 2114527 bytes
->Temporary Internet Files folder emptied: 58097320 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 4958 bytes

User: RHE81B~1~RH-

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 246243 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 58,00 mb


[EMPTYFLASH]

User: A002471

User: Administrator
->Flash cache emptied: 0 bytes

User: Administrator.RH-9B6AEB81C62A

User: All Users

User: All Users.WINDOWS

User: Default User

User: Default User.WINDOWS

User: LocalService

User: LocalService.NT AUTHORITY

User: LocalService.NT AUTHORITY.000

User: NetworkService

User: NetworkService.NT AUTHORITY

User: NetworkService.NT AUTHORITY.000

User: RH

User: RH.RH-9B6AEB81C62A
->Flash cache emptied: 0 bytes

User: RHE81B~1~RH-

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start System Restore Service. Error code 10
========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job moved successfully.
C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-606747145-1580436667-725345543-1003.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-606747145-1580436667-725345543-1003.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
HKEY_USERS\S-1-5-21-606747145-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-606747145-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-606747145-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597b1823-7ff0-4cd3-8095-9d8cba514992}\ not found.
Registry value HKEY_USERS\S-1-5-21-606747145-1580436667-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP114.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP121.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP133.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP140.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP143.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP148.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP159.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP165.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP196.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP199.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21C.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP243.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP244.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP264.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27.tmp\System.ServiceModel.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C7.tmp\System.Data.Linq.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP427.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP475.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP49D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4C1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP556.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57A.tmp\jsc.exe deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP67.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP70.tmp\Microsoft.SqlServer.Management.Sdk.Sfc.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP70.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFE.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI141.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI40.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4FC.tmp deleted successfully.
C:\WINDOWS\Installer\MSI5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI53A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI53B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI53C.tmp deleted successfully.
C:\WINDOWS\Installer\MSI53D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI53E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI70.tmp deleted successfully.
C:\WINDOWS\Installer\MSI71.tmp deleted successfully.
C:\WINDOWS\Installer\MSI8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI83.tmp deleted successfully.
C:\WINDOWS\Installer\MSI84.tmp deleted successfully.
C:\WINDOWS\Installer\MSI85.tmp deleted successfully.
C:\WINDOWS\Installer\MSI86.tmp deleted successfully.
C:\WINDOWS\Installer\MSI87.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9.tmp deleted successfully.
C:\WINDOWS\Installer\MSIA.tmp deleted successfully.
C:\WINDOWS\Installer\MSIB.tmp deleted successfully.
C:\WINDOWS\Installer\MSIE.tmp deleted successfully.
ADS C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Temp:5F64C164 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 11162013_150244

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#40 Post by Márty84 »

:arrow: Rename ComboFix to Uninstall and run it. CF should then uninstall itself.

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - this is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - after the cleanup the PC will restart.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK - after the cleanup the PC will restart.
After use you can delete the program.

:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it ticked, it will be emptied every time.
Also, depending on how it is set, it will delete all passwords saved on the net!!! So if you have the computer set to remember passwords (which is not good for security), you will have to type them in again by hand (e.g. mail, Facebook, various forums etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk(s)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its work.




:arrow: Then write how the PC is doing.
If you have a question that is not meant for the public, you can write to me at marty84(at)forum.viry.cz

Option to support our forum https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. In case of a longer wait for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

RH46
Visitor
Posts: 88
Registered: 02 Sep 2008 22:41

Re: log check

#41 Post by RH46 »

Done, the PC runs noticeably faster.
Thank you very much for the help, I wish you nice and successful days.
RH46

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log check

#42 Post by Márty84 »

I'm glad :)

You're welcome! :wink:

Take care and maybe see you again sometime :bye:

:closed:

Locked