Suspected infection?

#1 Post by AlešV

Good day, some time ago the program GMER helped me remove an "unremovable" file. I used it again and read about the possibility of having a check done and getting advice on this forum.

About two weeks ago I started reinstalling Win XP onto what was originally the secondary HDD, because the primary one had beyond all doubt begun to lose reliability.
I installed the system on the first partition, which I also formatted. It surprised me that now, while reorganizing, I found a problem with an undeletable file, even though it was located on a partition that I had not previously checked or formatted, so it may have been there earlier.

GMER let me delete the file, but a nagging doubt started eating at me as to whether I have some pest hidden somewhere.

I am attaching the log from RSIT according to the guide here. I had logs from GMER ready, but I have the feeling that you probably prefer RSIT and others.

-------------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Aleš at 2013-12-31 20:14:19
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (27%) free of 30 GB
Total RAM: 1023 MB (32% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{1899CCE9-6A68-45E5-B148-EFFFDAB8F919}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{D13AB8BA-450A-4977-AF5F-8A010E7AB16F}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2010-12-17 332288]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=1
"legalnoticecaption"=Informace k přihlášení
"legalnoticetext"=Možnosti přihlášení jsou omezené
Akce se ukládají
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe:*:Enabled:CDA Server"
"C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe"="C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies"
"C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert"
"C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe"="C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:CDA Scan2PC"
"C:\Program Files\ControlCenter\iptool.exe"="C:\Program Files\ControlCenter\iptool.exe:*:Enabled:IPTool"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ControlCenter\controlcenter.exe"="C:\Program Files\ControlCenter\controlcenter.exe:*:Enabled:ControlCenter "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2013-12-31 20:14:20 ----D---- C:\Program Files\trend micro
2013-12-31 20:14:19 ----D---- C:\rsit
2013-12-31 00:21:23 ----D---- C:\Program Files\DAEMON Tools Lite
2013-12-31 00:20:17 ----D---- C:\Documents and Settings\Aleš\Data aplikací\DAEMON Tools Lite
2013-12-31 00:14:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2013-12-31 00:04:41 ----D---- C:\Program Files\FreeCommander
2013-12-30 17:58:51 ----D---- C:\Documents and Settings\Aleš\Data aplikací\XnView
2013-12-30 17:58:19 ----D---- C:\Program Files\XnView
2013-12-30 12:31:57 ----D---- C:\Program Files\Adobe
2013-12-30 12:31:38 ----SHD---- C:\Config.Msi
2013-12-29 01:38:04 ----D---- C:\WINDOWS\system32\NtmsData
2013-12-28 19:30:52 ----A---- C:\WINDOWS\ntbtlog.txt
2013-12-27 14:24:58 ----D---- C:\Documents and Settings\Aleš\Data aplikací\OpenOffice.org
2013-12-26 19:15:37 ----SHD---- C:\RECYCLER
2013-12-26 18:08:21 ----A---- C:\WINDOWS\system32\PAStiSvc.exe
2013-12-26 18:08:15 ----D---- C:\WINDOWS\PixArt
2013-12-26 18:08:12 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2013-12-26 18:01:54 ----D---- C:\Documents and Settings\Aleš\Data aplikací\Skype
2013-12-26 18:01:46 ----D---- C:\Program Files\Common Files\Skype
2013-12-26 18:01:43 ----RD---- C:\Program Files\Skype
2013-12-26 18:01:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-26 17:49:42 ----D---- C:\Documents and Settings\Aleš\Data aplikací\Macromedia
2013-12-26 16:07:15 ----D---- C:\Documents and Settings\Aleš\Data aplikací\Adobe
2013-12-26 01:54:35 ----SHD---- C:\WINDOWS\CSC
2013-12-26 00:24:38 ----HD---- C:\WINDOWS\system32\GroupPolicy
2013-12-26 00:11:26 ----D---- C:\Documents and Settings\Aleš\Data aplikací\Samsung
2013-12-26 00:11:11 ----D---- C:\Documents and Settings\Aleš\Data aplikací\Identities
2013-12-26 00:11:03 ----ASH---- C:\Documents and Settings\Aleš\Data aplikací\desktop.ini
2013-12-26 00:11:02 ----SD---- C:\Documents and Settings\Aleš\Data aplikací\Microsoft
2013-12-25 22:48:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2013-12-25 21:34:51 ----D---- C:\WINDOWS\system32\appmgmt
2013-12-25 19:55:53 ----A---- C:\WINDOWS\WORDPAD.INI
2013-12-25 16:22:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2013-12-25 16:22:40 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2013-12-24 16:11:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-24 16:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-24 16:11:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-24 16:11:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2013-12-24 16:10:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-12-24 16:10:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-12-24 16:10:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-12-24 16:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-12-24 16:10:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-12-24 16:09:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-12-24 16:09:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-12-24 16:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-12-24 16:09:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-12-24 16:09:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-12-24 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-12-24 16:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-12-24 16:08:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-12-24 16:08:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2013-12-24 16:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2013-12-24 16:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2013-12-24 16:07:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2013-12-24 16:07:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2013-12-24 16:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2013-12-24 16:07:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2013-12-24 16:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2013-12-24 16:06:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2013-12-24 16:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2013-12-24 16:06:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2013-12-24 16:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2013-12-24 16:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2013-12-24 16:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2013-12-24 16:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2013-12-24 16:05:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2013-12-24 16:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2013-12-24 16:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2013-12-24 16:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2013-12-24 16:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2013-12-24 16:04:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2013-12-24 16:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2013-12-24 16:03:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2013-12-24 16:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2013-12-24 16:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2013-12-24 16:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2013-12-24 16:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2013-12-24 16:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2013-12-24 16:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2013-12-24 16:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2013-12-24 16:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2013-12-24 16:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2013-12-24 16:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2013-12-24 16:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2013-12-24 16:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2013-12-24 16:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2013-12-24 16:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2013-12-24 16:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2013-12-24 16:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2013-12-24 16:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2013-12-24 16:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2013-12-24 16:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2013-12-24 15:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2013-12-24 15:59:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2013-12-24 15:59:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2013-12-24 15:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-12-24 15:59:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2013-12-24 15:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2013-12-24 15:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2013-12-24 15:58:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-12-24 15:58:30 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2013-12-24 15:10:50 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-12-24 15:10:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-12-24 15:10:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-12-24 15:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2013-12-24 15:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-12-24 14:38:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2013-12-24 14:37:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2013-12-24 14:36:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2013-12-24 14:25:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2013-12-24 14:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2013-12-24 14:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2013-12-24 12:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2013-12-24 12:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2013-12-24 12:40:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2013-12-24 12:23:55 ----D---- C:\WINDOWS\system32\MRT
2013-12-24 12:23:09 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-24 12:09:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-24 12:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2013-12-24 12:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2013-12-24 11:23:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-24 11:19:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2013-12-24 11:14:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2013-12-24 11:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-12-24 11:06:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2013-12-24 11:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2013-12-24 01:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-12-24 01:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2013-12-24 01:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2013-12-24 01:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-12-24 01:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2013-12-24 01:11:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-12-24 01:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2013-12-24 01:04:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2013-12-24 00:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2013-12-24 00:54:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
2013-12-24 00:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2013-12-24 00:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2013-12-24 00:43:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2013-12-24 00:39:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2013-12-24 00:06:49 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-12-23 23:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2013-12-23 23:17:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-12-23 23:12:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2013-12-23 22:58:56 ----D---- C:\WINDOWS\ie8updates
2013-12-23 22:54:50 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2013-12-23 22:50:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2013-12-23 22:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2013-12-23 22:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2013-12-23 20:09:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2013-12-23 20:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2013-12-23 20:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2013-12-23 20:08:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2013-12-23 20:08:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2013-12-23 20:08:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2013-12-23 20:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2013-12-23 20:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2013-12-23 19:57:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2013-12-23 19:07:05 ----D---- C:\Program Files\Microsoft Download Manager
2013-12-23 15:10:32 ----A---- C:\WINDOWS\system32\muweb.dll
2013-12-23 15:10:32 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2013-12-23 15:10:32 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-12-23 01:35:42 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-23 01:33:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2013-12-23 00:45:29 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-12-23 00:36:53 ----D---- C:\777760ee9e644506330837d711c7affd
2013-12-22 23:45:59 ----D---- C:\Program Files\Microsoft Security Client
2013-12-22 23:45:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-12-22 23:15:10 ----D---- C:\WINDOWS\system32\PreInstall
2013-12-22 23:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2013-12-22 23:14:58 ----HD---- C:\WINDOWS\$hf_mig$
2013-12-22 22:27:36 ----D---- C:\WINDOWS\WBEM
2013-12-22 22:16:17 ----HDC---- C:\WINDOWS\ie8
2013-12-22 22:09:34 ----N---- C:\WINDOWS\system32\iacenc.dll
2013-12-21 10:48:32 ----D---- C:\4435b862145a9d84865fad7c13
2013-12-16 20:18:34 ----D---- C:\57d81e03696c7dc531e24d0f68d1c4ca
2013-12-15 19:56:15 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2013-12-15 19:54:51 ----D---- C:\WINDOWS\Prefetch
2013-12-15 19:45:28 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-12-15 19:45:27 ----A---- C:\WINDOWS\system32\msxml6.dll
2013-12-15 19:45:20 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-12-15 19:45:20 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-12-15 19:45:20 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-12-15 19:45:19 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\credssp.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\azroles.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ati3duag.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-12-15 19:45:18 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2013-12-15 19:45:17 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-12-15 19:45:17 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-12-15 19:45:17 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-12-15 19:45:17 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\qagent.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\onex.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\napstat.exe
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\mssha.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-12-15 19:45:16 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\verclsid.exe
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\tzchange.exe
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\slserv.exe
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\slgen.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\setupn.exe
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\qutil.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-12-15 19:45:15 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-12-15 19:45:14 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-12-15 19:45:14 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-12-15 19:45:14 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-12-15 19:45:14 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-12-15 19:45:13 ----N---- C:\WINDOWS\slrundll.exe
2013-12-15 19:45:13 ----D---- C:\WINDOWS\system32\cs-cz
2013-12-15 19:45:13 ----D---- C:\WINDOWS\system32\cs
2013-12-15 19:45:13 ----D---- C:\WINDOWS\l2schemas
2013-12-15 19:45:13 ----A---- C:\WINDOWS\system32\xmllite.dll
2013-12-15 19:45:12 ----D---- C:\WINDOWS\system32\bits
2013-12-15 19:44:05 ----D---- C:\WINDOWS\ServicePackFiles
2013-12-15 19:42:38 ----D---- C:\WINDOWS\network diagnostic
2013-12-15 19:41:29 ----A---- C:\WINDOWS\002693_.tmp
2013-12-15 19:41:19 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-12-15 19:41:08 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2013-12-15 19:39:08 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-12-15 18:50:35 ----D---- C:\Program Files\ControlCenter
2013-12-15 18:50:35 ----A---- C:\WINDOWS\system32\xvidcore.dll
2013-12-15 18:50:35 ----A---- C:\WINDOWS\system32\tvtxtdec.dll
2013-12-15 18:50:35 ----A---- C:\WINDOWS\system32\tvtacodec.dll
2013-12-15 18:50:35 ----A---- C:\WINDOWS\system32\th264codec.dll
2013-12-15 18:50:34 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2013-12-15 18:50:34 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2013-12-15 18:50:34 ----A---- C:\WINDOWS\system32\amd422codec.dll
2013-12-15 18:38:41 ----D---- C:\Program Files\OpenOffice.org 3
2013-12-15 18:33:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-12-15 18:33:01 ----D---- C:\Program Files\Common Files\Adobe
2013-12-15 18:19:36 ----D---- C:\Program Files\Common Files\Common Desktop Agent
2013-12-15 18:19:24 ----N---- C:\WINDOWS\system32\spmsg.dll
2013-12-15 18:19:15 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2013-12-15 18:18:59 ----D---- C:\Program Files\SamsungPrinterLiveUpdateInstaller
2013-12-15 18:18:59 ----D---- C:\Program Files\SamsungPrinterLiveUpdate
2013-12-15 18:18:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2013-12-15 18:18:29 ----N---- C:\WINDOWS\TotalUninstaller.exe
2013-12-15 18:18:28 ----A---- C:\WINDOWS\system32\ssj1mlm.dll
2013-12-15 18:18:25 ----A---- C:\WINDOWS\system32\ssj1mci.exe
2013-12-15 18:18:25 ----A---- C:\WINDOWS\system32\ssj1mci.dll
2013-12-15 18:17:47 ----N---- C:\WINDOWS\gdiplus.dll
2013-12-15 18:17:47 ----D---- C:\Program Files\Samsung
2013-12-15 17:58:54 ----A---- C:\WINDOWS\system32\ChCfg.exe
2013-12-15 17:58:39 ----D---- C:\Program Files\Realtek AC97
2013-12-15 17:58:39 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2013-12-15 17:58:38 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2013-12-15 17:58:38 ----A---- C:\WINDOWS\soundman.exe
2013-12-15 17:58:37 ----HD---- C:\Program Files\InstallShield Installation Information
2013-12-15 17:58:37 ----A---- C:\WINDOWS\alcupd.exe
2013-12-15 17:58:37 ----A---- C:\WINDOWS\Alcrmv.exe
2013-12-15 17:58:27 ----D---- C:\Program Files\Common Files\InstallShield
2013-12-15 17:52:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2013-12-15 17:52:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrszht.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrstr.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsth.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrssv.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrssl.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrssk.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsru.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrspt.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrspl.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsno.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsko.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsja.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsit.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrshu.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrshe.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrses.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrseng.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsel.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsde.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsda.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrscs.dll
2013-12-15 17:52:00 ----A---- C:\WINDOWS\system32\nvrsar.dll
2013-12-15 17:51:59 ----A---- C:\WINDOWS\system32\nvmctray.dll
2013-12-15 17:51:59 ----A---- C:\WINDOWS\system32\nvcpl.dll
2013-12-15 17:51:59 ----A---- C:\WINDOWS\system32\nvcolor.exe
2013-12-15 17:51:57 ----A---- C:\WINDOWS\system32\nvwddi.dll
2013-12-15 17:51:26 ----A---- C:\WINDOWS\system32\OpenCL.dll
2013-12-15 17:51:07 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2013-12-15 17:51:07 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2013-12-15 17:51:07 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2013-12-15 17:51:07 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2013-12-15 17:51:07 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2013-12-15 17:51:06 ----A---- C:\WINDOWS\system32\nvcuda.dll
2013-12-15 17:51:05 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2013-12-15 17:51:05 ----A---- C:\WINDOWS\system32\nvapi.dll
2013-12-15 17:51:05 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2013-12-15 17:49:51 ----D---- C:\Program Files\NVIDIA Corporation
2013-12-15 17:49:10 ----D---- C:\NVIDIA
2013-12-15 14:13:44 ----A---- C:\WINDOWS\system32\wpa.bak
2013-12-15 13:57:41 ----A---- C:\WINDOWS\system32\h323log.txt
2013-12-15 13:18:40 ----HD---- C:\Program Files\Uninstall Information
2013-12-15 13:14:31 ----D---- C:\WINDOWS\SoftwareDistribution
2013-12-15 13:14:29 ----SD---- C:\WINDOWS\system32\Microsoft
2013-12-15 13:14:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-15 13:09:33 ----D---- C:\WINDOWS\system32\xircom
2013-12-15 13:09:33 ----D---- C:\Program Files\xerox
2013-12-15 13:09:33 ----D---- C:\Program Files\microsoft frontpage
2013-12-15 13:09:13 ----A---- C:\WINDOWS\control.ini
2013-12-15 13:09:13 ----A---- C:\AUTOEXEC.BAT
2013-12-15 13:09:00 ----A---- C:\WINDOWS\OEWABLog.txt
2013-12-15 13:08:56 ----A---- C:\WINDOWS\system32\mapi32.dll
2013-12-15 13:08:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-12-15 13:08:11 ----RD---- C:\WINDOWS\Offline Web Pages
2013-12-15 13:08:11 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2013-12-15 13:08:05 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2013-12-15 13:08:01 ----HD---- C:\Program Files\WindowsUpdate
2013-12-15 13:07:57 ----D---- C:\Program Files\Online Services
2013-12-15 13:07:40 ----D---- C:\WINDOWS\system32\DirectX
2013-12-15 13:07:15 ----A---- C:\WINDOWS\system32\atrace.dll
2013-12-15 13:07:12 ----A---- C:\WINDOWS\system32\desktop.ini
2013-12-15 13:07:12 ----A---- C:\WINDOWS\desktop.ini
2013-12-15 13:07:04 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2013-12-15 13:07:03 ----A---- C:\WINDOWS\system32\acctres.dll
2013-12-15 13:07:02 ----D---- C:\Program Files\Common Files\Services
2013-12-15 13:06:59 ----SD---- C:\WINDOWS\Tasks
2013-12-15 13:06:59 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2013-12-15 13:06:58 ----D---- C:\Program Files\Common Files\MSSoap
2013-12-15 13:06:53 ----D---- C:\WINDOWS\srchasst
2013-12-15 13:06:52 ----D---- C:\WINDOWS\system32\Macromed
2013-12-15 13:06:49 ----A---- C:\WINDOWS\system32\wuweb.dll
2013-12-15 13:06:49 ----A---- C:\WINDOWS\system32\wucltui.dll
2013-12-15 13:06:49 ----A---- C:\WINDOWS\system32\wuauserv.dll
2013-12-15 13:06:49 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\wups.dll
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\wuauclt.exe
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\wuapi.dll
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2013-12-15 13:06:48 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2013-12-15 13:06:47 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2013-12-15 13:06:47 ----A---- C:\WINDOWS\system32\qmgr.dll
2013-12-15 13:06:43 ----D---- C:\Program Files\Movie Maker
2013-12-15 13:06:39 ----A---- C:\WINDOWS\system32\safrslv.dll
2013-12-15 13:06:39 ----A---- C:\WINDOWS\system32\safrdm.dll
2013-12-15 13:06:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2013-12-15 13:06:39 ----A---- C:\WINDOWS\system32\racpldlg.dll
2013-12-15 13:06:35 ----A---- C:\WINDOWS\system32\fltmc.exe
2013-12-15 13:06:35 ----A---- C:\WINDOWS\system32\fltlib.dll
2013-12-15 13:06:34 ----D---- C:\WINDOWS\system32\Restore
2013-12-15 13:06:34 ----A---- C:\WINDOWS\system32\srsvc.dll
2013-12-15 13:06:34 ----A---- C:\WINDOWS\system32\srrstr.dll
2013-12-15 13:06:34 ----A---- C:\WINDOWS\system32\srclient.dll
2013-12-15 13:06:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2013-12-15 13:06:33 ----A---- C:\WINDOWS\system32\ils.dll
2013-12-15 13:06:32 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2013-12-15 13:06:32 ----A---- C:\WINDOWS\system32\msconf.dll
2013-12-15 13:06:32 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2013-12-15 13:06:32 ----A---- C:\WINDOWS\system32\mnmdd.dll
2013-12-15 13:06:29 ----D---- C:\Program Files\NetMeeting
2013-12-15 13:06:29 ----A---- C:\WINDOWS\system32\msoert2.dll
2013-12-15 13:06:29 ----A---- C:\WINDOWS\system32\msoeacct.dll
2013-12-15 13:06:28 ----A---- C:\WINDOWS\system32\inetres.dll
2013-12-15 13:06:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2013-12-15 13:06:25 ----D---- C:\Program Files\Outlook Express
2013-12-15 13:06:25 ----A---- C:\WINDOWS\system32\schedsvc.dll
2013-12-15 13:06:25 ----A---- C:\WINDOWS\system32\mstinit.exe
2013-12-15 13:06:25 ----A---- C:\WINDOWS\system32\mstask.dll
2013-12-15 13:06:24 ----A---- C:\WINDOWS\system32\isign32.dll
2013-12-15 13:06:24 ----A---- C:\WINDOWS\system32\inetcfg.dll
2013-12-15 13:06:24 ----A---- C:\WINDOWS\system32\icwphbk.dll
2013-12-15 13:06:24 ----A---- C:\WINDOWS\system32\icwdial.dll
2013-12-15 13:06:17 ----D---- C:\Program Files\Common Files\System
2013-12-15 13:06:16 ----D---- C:\Program Files\Internet Explorer
2013-12-15 13:05:41 ----D---- C:\Program Files\ComPlus Applications
2013-12-15 13:05:40 ----A---- C:\WINDOWS\vbaddin.ini
2013-12-15 13:05:40 ----A---- C:\WINDOWS\vb.ini
2013-12-15 13:05:36 ----D---- C:\WINDOWS\Registration
2013-12-15 13:05:30 ----D---- C:\Program Files\Windows Media Player
2013-12-15 13:05:25 ----D---- C:\Program Files\Messenger
2013-12-15 13:05:21 ----D---- C:\Program Files\MSN Gaming Zone
2013-12-15 13:05:21 ----A---- C:\WINDOWS\system32\write.exe
2013-12-15 13:05:10 ----A---- C:\WINDOWS\system32\sndvol32.exe
2013-12-15 13:05:09 ----A---- C:\WINDOWS\system32\hticons.dll
2013-12-15 13:05:09 ----A---- C:\WINDOWS\system32\avwav.dll
2013-12-15 13:05:09 ----A---- C:\WINDOWS\system32\avtapi.dll
2013-12-15 13:05:09 ----A---- C:\WINDOWS\system32\avmeter.dll
2013-12-15 13:05:08 ----A---- C:\WINDOWS\system32\winchat.exe
2013-12-15 13:05:00 ----A---- C:\WINDOWS\system32\getuname.dll
2013-12-15 13:04:59 ----A---- C:\WINDOWS\system32\charmap.exe
2013-12-15 13:04:59 ----A---- C:\WINDOWS\system32\calc.exe
2013-12-15 13:04:58 ----A---- C:\WINDOWS\system32\winmine.exe
2013-12-15 13:04:58 ----A---- C:\WINDOWS\system32\sol.exe
2013-12-15 13:04:58 ----A---- C:\WINDOWS\system32\mshearts.exe
2013-12-15 13:04:58 ----A---- C:\WINDOWS\system32\freecell.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\tslabels.ini
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\tskill.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\tscon.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\shadow.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\rwinsta.exe
2013-12-15 13:04:57 ----A---- C:\WINDOWS\system32\reset.exe
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\regini.exe
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\qwinsta.exe
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\qappsrv.exe
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\msg.exe
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\logoff.exe
2013-12-15 13:04:56 ----A---- C:\WINDOWS\system32\cdmodem.dll
2013-12-15 13:04:55 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2013-12-15 13:04:55 ----A---- C:\WINDOWS\system32\mtxex.dll
2013-12-15 13:04:55 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2013-12-15 13:04:54 ----A---- C:\WINDOWS\system32\stclient.dll
2013-12-15 13:04:54 ----A---- C:\WINDOWS\system32\mtxdm.dll
2013-12-15 13:04:54 ----A---- C:\WINDOWS\system32\comsnap.dll
2013-12-15 13:04:54 ----A---- C:\WINDOWS\system32\comrepl.dll
2013-12-15 13:04:54 ----A---- C:\WINDOWS\system32\comaddin.dll
2013-12-15 13:04:48 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2013-12-15 13:04:47 ----A---- C:\WINDOWS\system32\accwiz.exe
2013-12-15 13:04:46 ----D---- C:\Program Files\Windows NT
2013-12-15 13:04:46 ----A---- C:\WINDOWS\system32\sndrec32.exe
2013-12-15 13:04:46 ----A---- C:\WINDOWS\system32\mplay32.exe
2013-12-15 13:04:46 ----A---- C:\WINDOWS\system32\hypertrm.dll
2013-12-15 13:04:45 ----A---- C:\WINDOWS\system32\spider.exe
2013-12-15 13:04:45 ----A---- C:\WINDOWS\system32\mspaint.exe
2013-12-15 13:04:45 ----A---- C:\WINDOWS\system32\clipbrd.exe
2013-12-15 13:04:44 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2013-12-15 13:04:44 ----A---- C:\WINDOWS\system32\mstscax.dll
2013-12-15 13:04:44 ----A---- C:\WINDOWS\system32\mstsc.exe
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\termsrv.dll
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\sessmgr.exe
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\remotepg.dll
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\rdshost.exe
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2013-12-15 13:04:43 ----A---- C:\WINDOWS\system32\rdchost.dll
2013-12-15 13:04:42 ----D---- C:\WINDOWS\system32\MsDtc
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\qprocess.exe
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\mtxoci.dll
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\icaapi.dll
2013-12-15 13:04:42 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2013-12-15 13:04:41 ----A---- C:\WINDOWS\system32\xolehlp.dll
2013-12-15 13:04:41 ----A---- C:\WINDOWS\system32\msdtctm.dll
2013-12-15 13:04:41 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2013-12-15 13:04:41 ----A---- C:\WINDOWS\system32\msdtclog.dll
2013-12-15 13:04:41 ----A---- C:\WINDOWS\system32\msdtc.exe
2013-12-15 13:04:40 ----D---- C:\WINDOWS\system32\Com
2013-12-15 13:04:40 ----A---- C:\WINDOWS\system32\colbact.dll
2013-12-15 13:04:39 ----A---- C:\WINDOWS\system32\clbcatex.dll
2013-12-15 13:04:39 ----A---- C:\WINDOWS\system32\catsrvut.dll
2013-12-15 13:04:39 ----A---- C:\WINDOWS\system32\catsrvps.dll
2013-12-15 13:04:39 ----A---- C:\WINDOWS\system32\catsrv.dll
2013-12-15 13:04:38 ----A---- C:\WINDOWS\system32\comuid.dll
2013-12-15 13:04:38 ----A---- C:\WINDOWS\system32\comsvcs.dll
2013-12-15 13:04:38 ----A---- C:\WINDOWS\system32\clbcatq.dll
2013-12-15 13:04:31 ----A---- C:\WINDOWS\system32\servdeps.dll
2013-12-15 13:04:31 ----A---- C:\WINDOWS\system32\mmfutil.dll
2013-12-15 13:04:30 ----A---- C:\WINDOWS\system32\licwmi.dll
2013-12-15 13:04:30 ----A---- C:\WINDOWS\system32\cmprops.dll
2013-12-15 12:57:01 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-12-15 12:56:30 ----A---- C:\WINDOWS\system32\usbui.dll
2013-12-15 12:55:30 ----A---- C:\WINDOWS\imsins.BAK
2013-12-15 12:55:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-15 12:55:27 ----SHD---- C:\WINDOWS\Installer
2013-12-15 12:55:27 ----D---- C:\Program Files\Common Files\ODBC
2013-12-15 12:55:27 ----A---- C:\WINDOWS\ODBCINST.INI
2013-12-15 12:55:24 ----D---- C:\Program Files\Common Files\SpeechEngines
2013-12-15 12:55:23 ----RD---- C:\Program Files
2013-12-15 12:55:23 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-12-15 12:55:23 ----D---- C:\Program Files\Common Files
2013-12-15 12:55:19 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2013-12-15 12:55:19 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2013-12-15 12:55:19 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2013-12-15 12:55:17 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdur.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdru.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2013-12-15 12:55:16 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2013-12-15 12:55:13 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2013-12-15 12:55:11 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2013-12-15 12:55:11 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2013-12-15 12:55:11 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2013-12-15 12:55:11 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2013-12-15 12:55:11 ----RA---- C:\WINDOWS\system32\kbdest.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdycl.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdsl.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdro.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdpl.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdhu.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\kbdcr.dll
2013-12-15 12:55:07 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2013-12-15 12:55:06 ----A---- C:\WINDOWS\system32\irclass.dll
2013-12-15 12:55:05 ----A---- C:\WINDOWS\system32\spxcoins.dll
2013-12-15 12:55:05 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2013-12-15 12:55:05 ----A---- C:\WINDOWS\system32\dgsetup.dll
2013-12-15 12:55:05 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2013-12-15 12:55:02 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2013-12-15 12:55:02 ----A---- C:\WINDOWS\TASKMAN.EXE
2013-12-15 12:55:02 ----A---- C:\WINDOWS\system32\batt.dll
2013-12-15 12:55:01 ----A---- C:\WINDOWS\notepad.exe
2013-12-15 12:55:00 ----A---- C:\WINDOWS\system32\storprop.dll
2013-12-15 12:54:53 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2013-12-15 12:54:48 ----RA---- C:\WINDOWS\SET8.tmp
2013-12-15 12:54:46 ----RA---- C:\WINDOWS\SET4.tmp
2013-12-15 12:54:45 ----RA---- C:\WINDOWS\SET3.tmp
2013-12-15 12:54:39 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-15 12:54:39 ----D---- C:\WINDOWS\system32\CatRoot
2013-12-15 12:54:34 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-12-15 12:54:11 ----A---- C:\WINDOWS\setuplog.txt
2013-12-15 12:54:08 ----D---- C:\Documents and Settings
2013-12-15 12:46:38 ----SH---- C:\boot.ini
2013-12-15 12:40:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-15 12:40:10 ----RSD---- C:\WINDOWS\Fonts
2013-12-15 12:40:10 ----RD---- C:\WINDOWS\Web
2013-12-15 12:40:10 ----HD---- C:\WINDOWS\inf
2013-12-15 12:40:10 ----D---- C:\WINDOWS\WinSxS
2013-12-15 12:40:10 ----D---- C:\WINDOWS\twain_32
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Temp
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\wins
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\wbem
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\usmt
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\spool
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\ShellExt
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\Setup
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\ras
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\oobe
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\npp
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\mui
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\inetsrv
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\IME
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\icsxml
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\ias
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\export
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\drivers
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\dhcp
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\config
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\3com_dmi
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\3076
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\2052
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1054
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1042
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1041
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1037
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1033
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1031
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1029
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1028
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32\1025
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system32
2013-12-15 12:40:10 ----D---- C:\WINDOWS\system
2013-12-15 12:40:10 ----D---- C:\WINDOWS\security
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Resources
2013-12-15 12:40:10 ----D---- C:\WINDOWS\repair
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Provisioning
2013-12-15 12:40:10 ----D---- C:\WINDOWS\pchealth
2013-12-15 12:40:10 ----D---- C:\WINDOWS\PeerNet
2013-12-15 12:40:10 ----D---- C:\WINDOWS\mui
2013-12-15 12:40:10 ----D---- C:\WINDOWS\msapps
2013-12-15 12:40:10 ----D---- C:\WINDOWS\msagent
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Media
2013-12-15 12:40:10 ----D---- C:\WINDOWS\java
2013-12-15 12:40:10 ----D---- C:\WINDOWS\ime
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Help
2013-12-15 12:40:10 ----D---- C:\WINDOWS\ehome
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Driver Cache
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Debug
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Cursors
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Connection Wizard
2013-12-15 12:40:10 ----D---- C:\WINDOWS\Config
2013-12-15 12:40:10 ----D---- C:\WINDOWS\AppPatch
2013-12-15 12:40:10 ----D---- C:\WINDOWS\addins
2013-12-15 12:40:10 ----D---- C:\WINDOWS
2013-12-14 22:13:33 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2013-12-15 13:09:13 ----A---- C:\WINDOWS\win.ini
2013-12-15 12:55:22 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpKsle0b226cf;MpKsle0b226cf; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{6B00061F-391F-4A71-8E7B-EF55EF605635}\MpKsle0b226cf.sys []
R2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 ES1370;Creative AudioPCI (ES1370), SB PCI 64/128 (WDM); C:\WINDOWS\system32\drivers\ES1370MP.sys [2001-08-17 37120]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 aagg8n0a;aagg8n0a; C:\WINDOWS\system32\drivers\aagg8n0a.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PAC207;VideoCAM GE111; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 pxldapob;pxldapob; \??\C:\DOCUME~1\ALE~1\LOCALS~1\Temp\pxldapob.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]

-----------------EOF-----------------

Thanks for any replies, and have a nice day. Aleš

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#2 Post by vyosek »

Hello :)

:arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and extract it
  • Run it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options ticked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (and it will probably open by itself) mbar-log-year-month-day (hour-minute-second).txt; post it here for me
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids amusement, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

AlešV
Visitor
Posts: 14
Registered: 31 Dec 2013 20:01

Re: suspected infection?

#3 Post by AlešV »

Thanks for the really quick reply :) , here are the test results.
The first test came back negative, but the second one seems to have found something.

-------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.31.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
:: P4-PC [administrator]

31.12.2013 22:07:23
mbar-log-2013-12-31 (22-07-23).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 268733
Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
------------------------
------------------------


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.31.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Aleš :: P4-PC [administrátor]

Ochrana: Zakázána

31.12.2013 22:55:51
MBAM-log-2014-01-01 (00-27-11).txt

Typ: Kompletní kontrola (C:\|E:\|F:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 369189
Uplynulý čas: 1 hodin, 19 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 10
C:\Documents and Settings\Aleš\Local Settings\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Aleš\Local Settings\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Aleš\Local Settings\Temp\Shortcut_SweetIMSetup.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Aleš\Local Settings\Temp\SimboApp.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Aleš\Local Settings\Temp\SweetIESetup.exe.7z (PUP.Optional.SweetPacks.A) -> Nebyla provedena žádná instrukce.
E:\System Volume Information\_restore{AA1C96B4-D1C2-49B3-B362-8782D0DBC242}\RP39\A0007909.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.
G:\System Volume Information\_restore{9C1F6054-0661-48C1-AE02-BE57C1AC45B2}\RP742\A0124821.exe (PUP.Optional.FunWebProducts.A) -> Nebyla provedena žádná instrukce.
G:\System Volume Information\_restore{AA1C96B4-D1C2-49B3-B362-8782D0DBC242}\RP38\A0007847.exe (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
G:\System Volume Information\_restore{AA1C96B4-D1C2-49B3-B362-8782D0DBC242}\RP39\A0008050.exe (PUP.Optional.FunWebProducts.A) -> Nebyla provedena žádná instrukce.
G:\Inst-vše\inst p4\virtual\daemon403-x86.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.

(konec)

Regards, AlešV

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#4 Post by vyosek »

Delete the MBAM findings; a log will appear, and I would like to see it.

AlešV
Visitor
Posts: 14
Registered: 31 Dec 2013 20:01

Re: suspected infection?

#5 Post by AlešV »

I have removed the findings.

Here is the log.
-----------------------------
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.31.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Aleš :: P4-PC [administrátor]

Ochrana: Zakázána

31.12.2013 22:55:51
mbam-log-2013-12-31 (22-55-51).txt

Typ: Kompletní kontrola (C:\|E:\|F:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 369189
Uplynulý čas: 1 hodin, 19 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 10
C:\Documents and Settings\Aleš\Local Settings\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Aleš\Local Settings\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Aleš\Local Settings\Temp\Shortcut_SweetIMSetup.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Aleš\Local Settings\Temp\SimboApp.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Aleš\Local Settings\Temp\SweetIESetup.exe.7z (PUP.Optional.SweetPacks.A) -> Přesun do karantény a smazání se zdařilo.
E:\System Volume Information\_restore{AA1C96B4-D1C2-49B3-B362-8782D0DBC242}\RP39\A0007909.exe (Adware.WhenU) -> Přesun do karantény a smazání se zdařilo.
G:\System Volume Information\_restore{9C1F6054-0661-48C1-AE02-BE57C1AC45B2}\RP742\A0124821.exe (PUP.Optional.FunWebProducts.A) -> Přesun do karantény a smazání se zdařilo.
G:\System Volume Information\_restore{AA1C96B4-D1C2-49B3-B362-8782D0DBC242}\RP38\A0007847.exe (PUP.Optional.SweetIM) -> Přesun do karantény a smazání se zdařilo.
G:\System Volume Information\_restore{AA1C96B4-D1C2-49B3-B362-8782D0DBC242}\RP39\A0008050.exe (PUP.Optional.FunWebProducts.A) -> Přesun do karantény a smazání se zdařilo.
G:\Inst-vše\inst p4\virtual\daemon403-x86.exe (Adware.WhenU) -> Přesun do karantény a smazání se zdařilo.

(konec)


AlešV

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#6 Post by vyosek »

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • If you use a 64-bit OS, check whether the box next to Pro 64 bitové OS ("For 64-bit OS") is ticked; if not, tick it
  • Tick the box Pro vsechny uzivatele ("For all users")
  • Tick the box Kontrola na havet "LOP" ("LOP" check)
  • Tick the box Kontrola na havet "Purity" ("Purity" check)
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box Vlastni skenovani/opravy ("Custom scans/fixes")
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Prohledat ("Scan") button
  • When the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt will appear; post both of them here
  • If the logs are long (the forum will complain that the maximum number of characters was exceeded), split them across several posts

AlešV
Visitor
Posts: 14
Registered: 31 Dec 2013 20:01

Re: suspected infection?

#7 Post by AlešV »

The test ran, but only on the second attempt.

During the first attempt the machine crashed with a blue screen of death. Not that this has never happened to me before, just very rarely, so I don't know whether it had some connection with the test that would be worth noting.

(BAD_POOL_CALLER) this, among other things, was on the blue screen.


Here are the logs:
------------------------------
OTL logfile created on: 3.1.2014 12:40:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aleš\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 670,63 Mb Available Physical Memory | 65,52% Memory free
2,40 Gb Paging File | 2,16 Gb Available in Paging File | 89,98% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 8,09 Gb Free Space | 27,61% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 19,09 Gb Free Space | 39,09% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 13,60 Gb Free Space | 27,86% Space Free | Partition Type: NTFS
Drive G: | 105,93 Gb Total Space | 17,21 Gb Free Space | 16,25% Space Free | Partition Type: NTFS

Computer Name: P4-PC | User Name: Aleš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.01.03 12:13:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aleš\Plocha\OTL.exe
PRC - [2013.10.23 15:01:10 | 000,300,552 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013.10.23 14:55:28 | 000,948,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.05.15 11:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2010.12.17 18:12:56 | 000,332,288 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
PRC - [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.09.17 20:11:40 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.09.17 20:11:38 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.04.16 15:28:22 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005.01.14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe


========== Modules (No Company Name) ==========

MOD - [2011.04.25 12:25:18 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\ssj1mlm.dll
MOD - [2010.12.17 18:13:00 | 000,049,664 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
MOD - [2010.12.17 18:12:56 | 000,332,288 | ---- | M] () -- C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
MOD - [2009.09.11 16:03:14 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2005.01.14 09:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.10.23 15:01:10 | 000,022,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.05.15 11:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2005.01.14 09:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ae15qzzx)
DRV - [2013.12.31 00:21:35 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.03.14 07:36:08 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SSPORT.sys -- (SSPORT)
DRV - [2008.09.24 10:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2005.04.08 10:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc027.sys -- (PAC207)
DRV - [2001.08.17 21:19:38 | 000,037,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1370mp.sys -- (ES1370)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0




IE - HKU\S-1-5-21-1390067357-573735546-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1390067357-573735546-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1390067357-573735546-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2014.01.03 12:32:29 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1390067357-573735546-725345543-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-573735546-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1390067357-573735546-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} http://10.0.0.140/WebClient.cab (WebClient Control)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/ ... anager.cab (Microsoft Download Manager ActiveX control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90CAB7D3-BBCB-497C-8E1E-CB634F436441}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Aleš\Dokumenty\Obrázky\P8041755.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Aleš\Dokumenty\Obrázky\P8041755.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.12.15 13:09:13 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.H264 - C:\WINDOWS\System32\th264codec.dll (TDP5)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2014.01.03 12:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014.01.03 12:13:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Aleš\Plocha\OTL.exe
[2014.01.03 00:03:10 | 009,845,104 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Aleš\Plocha\WindowsXP-WindowsMedia-KB2378111-x86-CSY.exe
[2014.01.02 23:56:51 | 002,173,504 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Aleš\Plocha\WindowsXP-KB941569-x86-CSY.exe
[2014.01.02 23:24:53 | 000,843,672 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Aleš\Plocha\WindowsXP-WindowsMedia-KB975558-x86-CSY.exe
[2014.01.02 20:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AC3Filter
[2014.01.02 20:13:12 | 000,000,000 | ---D | C] -- C:\Program Files\AC3Filter
[2014.01.02 20:07:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Nová složka
[2014.01.02 15:59:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Xvid
[2014.01.02 15:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2014.01.02 15:55:15 | 010,768,856 | ---- | C] (Xvid Team) -- C:\Documents and Settings\Aleš\Plocha\Xvid-1.3.2-20110601.exe
[2014.01.02 15:10:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2014.01.02 12:41:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Filmy
[2014.01.01 22:09:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\ČP
[2014.01.01 20:45:58 | 000,016,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2014.01.01 20:45:32 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Connect 2
[2014.01.01 20:43:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2014.01.01 20:43:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2014.01.01 01:44:56 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Aleš\Plocha\Zabezpečení
[2013.12.31 23:15:27 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Documents and Settings\All Users\Dokumenty\mbar-1.07.0.1008.exe
[2013.12.31 23:15:15 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Dokumenty\mbam-setup-1.75.0.1300.exe
[2013.12.31 23:14:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\smazání souboru gmer
[2013.12.31 22:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.12.31 22:53:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.12.31 22:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.12.31 22:27:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Data aplikací\Malwarebytes
[2013.12.31 22:07:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.12.31 22:07:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
[2013.12.31 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.31 20:14:19 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.31 00:21:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DAEMON Tools Lite
[2013.12.31 00:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2013.12.31 00:20:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Data aplikací\DAEMON Tools Lite
[2013.12.31 00:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.12.31 00:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\FreeCommander
[2013.12.31 00:04:41 | 000,000,000 | ---D | C] -- C:\Program Files\FreeCommander
[2013.12.30 23:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Manuály-návody
[2013.12.30 22:56:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Aktivní zálohy
[2013.12.30 22:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\english
[2013.12.30 20:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\3gp videa
[2013.12.30 20:33:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Staré zálohy
[2013.12.30 18:50:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Doc R
[2013.12.30 18:50:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\evidence
[2013.12.30 18:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\DOC
[2013.12.30 18:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\recepty
[2013.12.30 17:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Data aplikací\XnView
[2013.12.30 17:58:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\XnView
[2013.12.30 17:58:19 | 000,000,000 | ---D | C] -- C:\Program Files\XnView
[2013.12.30 12:36:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\Přijaté soubory
[2013.12.30 12:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013.12.30 12:31:38 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.12.29 18:50:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\Identities
[2013.12.29 01:38:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2013.12.28 13:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Dokumenty\KB
[2013.12.27 14:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Aleš\Data aplikací\OpenOffice.org
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.01.03 12:43:00 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{1899CCE9-6A68-45E5-B148-EFFFDAB8F919}.job
[2014.01.03 12:42:40 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2014.01.03 12:42:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.03 12:36:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{D13AB8BA-450A-4977-AF5F-8A010E7AB16F}.job
[2014.01.03 12:36:29 | 000,070,723 | ---- | M] () -- C:\Documents and Settings\Aleš\Plocha\modrá smrt během testu OTL.JPG
[2014.01.03 12:32:58 | 000,013,738 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.03 12:32:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.03 12:13:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Aleš\Plocha\OTL.exe
[2014.01.03 00:03:14 | 009,845,104 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Aleš\Plocha\WindowsXP-WindowsMedia-KB2378111-x86-CSY.exe
[2014.01.02 23:56:59 | 002,173,504 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Aleš\Plocha\WindowsXP-KB941569-x86-CSY.exe
[2014.01.02 23:24:58 | 000,843,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Aleš\Plocha\WindowsXP-WindowsMedia-KB975558-x86-CSY.exe
[2014.01.02 15:55:42 | 010,768,856 | ---- | M] (Xvid Team) -- C:\Documents and Settings\Aleš\Plocha\Xvid-1.3.2-20110601.exe
[2014.01.02 12:44:18 | 000,065,536 | ---- | M] () -- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.01.02 12:02:18 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.01.01 20:45:50 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2014.01.01 20:45:50 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2014.01.01 20:44:43 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2014.01.01 20:43:56 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.12.31 22:24:10 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Dokumenty\mbam-setup-1.75.0.1300.exe
[2013.12.31 22:05:05 | 012,582,688 | ---- | M] (Malwarebytes Corp.) -- C:\Documents and Settings\All Users\Dokumenty\mbar-1.07.0.1008.exe
[2013.12.31 20:12:48 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\RSIT.exe
[2013.12.30 12:33:36 | 000,001,740 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2013.12.30 00:18:44 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\certifikát2.pfx
[2013.12.29 23:11:14 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\certifikát.pfx
[2013.12.27 14:25:50 | 000,000,875 | ---- | M] () -- C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.03 12:36:28 | 000,070,723 | ---- | C] () -- C:\Documents and Settings\Aleš\Plocha\modrá smrt během testu OTL.JPG
[2014.01.03 12:22:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.02 20:13:13 | 000,497,664 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.acm
[2014.01.01 20:43:56 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2013.12.31 23:14:59 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\RSIT.exe
[2013.12.30 12:32:12 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader 9.lnk
[2013.12.30 12:32:12 | 000,001,740 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2013.12.30 00:18:35 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\certifikát2.pfx
[2013.12.29 23:14:34 | 000,266,533 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\adresář.WAB
[2013.12.29 23:11:14 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Dokumenty\certifikát.pfx
[2013.12.27 14:25:50 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\Aleš\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.1.lnk
[2013.12.27 14:13:24 | 000,065,536 | ---- | C] () -- C:\Documents and Settings\Aleš\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.26 18:49:02 | 000,000,013 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2013.12.26 18:08:21 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2013.12.25 19:55:53 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2013.12.22 22:09:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.12.15 18:50:35 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2013.12.15 18:50:34 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2013.12.15 18:50:34 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\amd422codec.dll
[2013.12.15 18:18:28 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\ssj1mlm.dll
[2013.12.15 17:58:54 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.12.15 17:58:38 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.12.15 17:51:20 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.12.15 17:51:20 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.12.15 17:51:20 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.12.15 17:51:07 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.12.15 13:11:47 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.12.15 13:05:49 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.12.15 12:55:27 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.12.15 12:54:07 | 000,112,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.12.15 18:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org
[2013.12.15 18:19:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Samsung
[2013.12.31 00:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\DAEMON Tools Lite
[2013.12.27 14:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\OpenOffice.org
[2013.12.26 00:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Samsung
[2013.12.30 18:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\XnView
[2013.12.31 00:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.12.15 18:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.12.29 01:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\OpenOffice.org
[2013.12.29 01:26:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\Samsung

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.12.15 13:06:59 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.12.15 13:14:30 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.12.22 23:34:28 | 000,000,482 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1899CCE9-6A68-45E5-B148-EFFFDAB8F919}.job
[2013.12.22 23:59:05 | 000,000,396 | -H-- | C] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2013.12.26 16:09:58 | 000,000,464 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D13AB8BA-450A-4977-AF5F-8A010E7AB16F}.job

< >

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 00:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 10:54:36 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=33081FED75032291EE0E008D5385E86F -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\services.exe
[2009.02.09 11:11:38 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=4F9F7B567970B524F31D9970A23F7C24 -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\services.exe
[2004.08.18 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 08:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.12.26 16:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Adobe
[2013.12.31 00:27:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\DAEMON Tools Lite
[2013.12.26 00:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Identities
[2013.12.26 17:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Macromedia
[2013.12.31 22:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Malwarebytes
[2013.12.29 18:50:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Aleš\Data aplikací\Microsoft
[2013.12.27 14:24:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\OpenOffice.org
[2013.12.26 00:11:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Samsung
[2013.12.28 19:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\Skype
[2013.12.30 18:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Aleš\Data aplikací\XnView

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014.01.03 12:42:40 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
[2014.01.03 12:48:00 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1899CCE9-6A68-45E5-B148-EFFFDAB8F919}.job
[2014.01.03 12:36:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D13AB8BA-450A-4977-AF5F-8A010E7AB16F}.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2013.12.31 00:21:35 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2013.12.15 12:46:37 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.12.15 12:46:37 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.12.15 12:46:37 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.01.01 20:45:50 | 000,016,832 | ---- | M] () -- C:\WINDOWS\system32\amcompat.tlb
[2014.01.01 20:45:50 | 000,023,392 | ---- | M] () -- C:\WINDOWS\system32\nscompat.tlb
[2014.01.03 12:32:58 | 000,013,738 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.03 12:42:11 | 000,000,512 | ---- | M] () MD5=9EF567488D5CDB76CDC45298D719629B -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2013.12.15 19:25:03 | 000,001,737 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\635LHFY6\ajax-loader[1].gif
[2013.12.23 21:08:27 | 000,000,701 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\635LHFY6\fontLoader[1].swf
[2013.12.23 01:37:35 | 000,001,737 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\635LHFY6\loader[1].gif
[2013.12.30 02:00:27 | 000,003,061 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\635LHFY6\rmsloaderdelayeddiv[1].js
[2013.12.24 11:14:49 | 000,000,723 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8FFIZ54V\ajax-loader[1].gif
[2013.12.24 11:34:52 | 000,001,231 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8FFIZ54V\oneMscomJsCssLoader[1].js
[2013.12.24 11:39:52 | 000,001,232 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\8FFIZ54V\oneMscomJsCssLoader[2].js
[2013.12.25 16:28:24 | 000,004,448 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\9VC6EI2M\Advert.Advantage.Reloader[1].js
[2013.12.25 16:30:00 | 000,004,300 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\9VC6EI2M\Advert.Advantage.Reloader[2].js
[2013.12.23 18:54:13 | 000,001,231 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\9VC6EI2M\oneMscomJsCssLoader[1].js
[2013.12.23 21:08:33 | 000,000,177 | ---- | M] () -- \Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\ZYDOTLXJ\loaderxml[1].swf
[2011.08.11 10:28:56 | 000,049,792 | ---- | M] () -- \Documents and Settings\Aleš\Dokumenty\Aktivní zálohy\KINGSTON 4GB\urDrive\Resources\MaxthonPortable\Bin\MxAppLoader.exe
[2011.08.11 10:29:06 | 000,244,864 | ---- | M] () -- \Documents and Settings\Aleš\Dokumenty\Aktivní zálohy\KINGSTON 4GB\urDrive\Resources\MaxthonPortable\Bin\MxDownloader.dll
[2013.12.31 14:48:13 | 000,003,061 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\635LHFY6\rmsloaderdelayeddiv[1].js
[2014.01.02 22:54:37 | 000,001,232 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\SS7R9X9S\oneMscomJsCssLoader[1].js
[2014.01.01 19:25:27 | 000,003,061 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\SS7R9X9S\rmsloaderdelayeddiv[1].js
[2014.01.02 20:01:21 | 000,004,448 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\TDC9RFFI\Advert.Advantage.Reloader[1].js
[2014.01.01 16:30:48 | 000,004,178 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\TDC9RFFI\ajax-loader[1].gif
[2014.01.01 19:25:32 | 000,017,417 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\UGLRJHT2\loader[1].js
[2014.01.02 22:46:38 | 000,001,231 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\UGLRJHT2\oneMscomJsCssLoader[1].js
[2014.01.02 22:53:29 | 000,001,231 | ---- | M] () -- \Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\UGLRJHT2\oneMscomJsCssLoader[2].js
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2009.09.16 22:33:50 | 000,006,308 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2009.09.16 15:22:08 | 000,022,528 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2009.09.17 20:12:18 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2009.09.11 16:36:38 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2009.09.16 15:00:48 | 000,003,872 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2004.08.18 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[6 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< End of report >

---------------------

OTL Extras logfile created on: 3.1.2014 12:40:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Aleš\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 670,63 Mb Available Physical Memory | 65,52% Memory free
2,40 Gb Paging File | 2,16 Gb Available in Paging File | 89,98% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 8,09 Gb Free Space | 27,61% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 19,09 Gb Free Space | 39,09% Space Free | Partition Type: NTFS
Drive F: | 48,83 Gb Total Space | 13,60 Gb Free Space | 27,86% Space Free | Partition Type: NTFS
Drive G: | 105,93 Gb Total Space | 17,21 Gb Free Space | 16,25% Space Free | Partition Type: NTFS

Computer Name: P4-PC | User Name: Aleš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe" = C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe:*:Enabled:CDA Server -- ()
"C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe" = C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager -- (Samsung Electronics Co., Ltd.)
"C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe" = C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies -- (Samsung Electronics Co., Ltd.)
"C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe" = C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert -- (Samsung Electronics Co., Ltd.)
"C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe" = C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:CDA Scan2PC -- ()
"C:\Program Files\ControlCenter\iptool.exe" = C:\Program Files\ControlCenter\iptool.exe:*:Enabled:IPTool -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\ControlCenter\controlcenter.exe" = C:\Program Files\ControlCenter\controlcenter.exe:*:Enabled:ControlCenter -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{654977DB-0001-0002-0001-EABD228DDE8B}" = Microsoft Download Manager
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.5 - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{E5EDA1E6-5FDD-4B29-8399-6022B81C3A7C}" = ControlCenter
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"FreeCommander_is1" = FreeCommander 2009.02b
"H264" = H264 Video Codec
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft Security Client" = Microsoft Security Essentials
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung ML-2160 Series" = Samsung ML-2160 Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XnView_is1" = XnView 1.97.8
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.1.2014 11:57:12 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:12 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:12 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:42 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 2.1.2014 11:57:42 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:42 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:42 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:42 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 11:57:42 | Computer Name = P4-PC | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Zvolený server nemůže provést požadovanou operaci.

Error - 2.1.2014 18:37:16 | Computer Name = P4-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace iexplore.exe, verze 8.0.6001.18702, chybující modul
mshtml.dll, verze 8.0.6001.23543, adresa chyby 0x000da2cc.

[ System Events ]
Error - 30.12.2013 7:24:42 | Computer Name = P4-PC | Source = W32Time | ID = 39452689
Description = Klient NTP zprostředkovatele časových údajů: Při vyhledávání DNS ručně
nakonfigurovaného partnera time.windows.com,0x1 došlo k chybě. Klient NTP se pokusí
o vyhledání pomocí služby DNS znovu za 15 minut. Chyba: Došlo k pokusu o operaci
se soketem v okamžiku nedosažitelnosti hostitele. (0x80072751)

Error - 30.12.2013 7:24:42 | Computer Name = P4-PC | Source = W32Time | ID = 39452701
Description = Klient NTP zprostředkovatele časových údajů je konfigurován pro získávání
časových údajů z jednoho nebo více zdrojů času. Žádný z těchto zdrojů však není
aktuálně k dispozici. Po dobu 14 minut nebude proveden žádný pokus o kontaktování
zdroje. Klient NTP nemá k dispozici žádný zdroj času.

Error - 31.12.2013 12:16:57 | Computer Name = P4-PC | Source = atapi | ID = 262153
Description = Zařízení \Device\Ide\IdePort0 neodpovídá v periodě časového limitu.

Error - 31.12.2013 17:48:59 | Computer Name = P4-PC | Source = Service Control Manager | ID = 7011
Description = Vypršel časový limit (30000 milisekund) čekání na odezvu transakce
služby NVSvc.

Error - 31.12.2013 18:04:45 | Computer Name = P4-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.141 pro síťovou kartu s adresou 005004EE518F
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 1.1.2014 17:59:33 | Computer Name = P4-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.165.948.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.10201.0 Kód
chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.

Error - 1.1.2014 20:58:18 | Computer Name = P4-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.165.948.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: http://www.microsoft.com Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel:
NT AUTHORITY\SYSTEM Aktuální verze modulu: Předchozí verze modulu: 1.1.10201.0 Kód
chyby: 0x8024402c Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím.
Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a
podpoře.

Error - 2.1.2014 6:34:51 | Computer Name = P4-PC | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.


Error - 2.1.2014 6:34:51 | Computer Name = P4-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde

Error - 3.1.2014 7:33:18 | Computer Name = P4-PC | Source = System Error | ID = 1003
Description = Kód chyby 000000c2, parametr1 00000007, parametr2 00000cd4, parametr3
e4224620, parametr4 e4224428.


< End of report >


AlešV

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#8 Post by vyosek »

:arrow: Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ae15qzzx)
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-1390067357-573735546-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1390067357-573735546-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
    [2013.12.31 23:15:27 | 012,582,688 | ---- | C] (Malwarebytes Corp.) -- C:\Documents and Settings\All Users\Dokumenty\mbar-1.07.0.1008.exe
    [2013.12.31 23:15:15 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\All Users\Dokumenty\mbam-setup-1.75.0.1300.exe
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\1e9d9a006d29b64c2ee3318c1ab83636\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\1e9d9a006d29b64c2ee3318c1ab83636\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\24dbe81c2694cc07bf1d1374498ce342\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\24dbe81c2694cc07bf1d1374498ce342\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\3304cd0fd280a9013a6a54c3833dd805\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\3304cd0fd280a9013a6a54c3833dd805\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\36a403eae405ef97aa0ef64c1d6bb90c\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\36a403eae405ef97aa0ef64c1d6bb90c\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\54e37a6dece71fa5dbed64445de0d7fa\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\54e37a6dece71fa5dbed64445de0d7fa\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\68554a9e3e027ecd69155fabaadaa428\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\68554a9e3e027ecd69155fabaadaa428\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\698b54fc16135b30df47e6b6a04b82fe\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\698b54fc16135b30df47e6b6a04b82fe\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\834d0b8194d0e2adae772742ccac9d71\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\834d0b8194d0e2adae772742ccac9d71\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\8b70c62c88f9335c045c937f839d4309\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8b70c62c88f9335c045c937f839d4309\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\8e8fb6c243dc806cf8d12f60695a91d8\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8e8fb6c243dc806cf8d12f60695a91d8\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\a1f869e0518e65327615d22085ca14c6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a1f869e0518e65327615d22085ca14c6\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\a9de1b2071cad5998138befbe3b835b7\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a9de1b2071cad5998138befbe3b835b7\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\b48d9a79db7e4c0a0eb0005525d458db\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b48d9a79db7e4c0a0eb0005525d458db\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\bf80e52aec7f33eeff24a34170f0666a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\bf80e52aec7f33eeff24a34170f0666a\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\c863332b801f1ce827c15142376776c4\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c863332b801f1ce827c15142376776c4\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\d19c7542001d3ac83634e213d52b0edb\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d19c7542001d3ac83634e213d52b0edb\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\d68c8f894d5c977ae4c7bf1ac940b887\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d68c8f894d5c977ae4c7bf1ac940b887\download\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\dfe7c0b9ab030a4868f5b512a03cb9f5\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\dfe7c0b9ab030a4868f5b512a03cb9f5\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\f92a703d430c20c560b87f46a8bc13ab\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\f92a703d430c20c560b87f46a8bc13ab\*.tmp -> ]
    [6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
    [1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
    [2014.01.03 12:42:40 | 000,000,396 | -H-- | M] () -- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
    [2014.01.03 12:48:00 | 000,000,482 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1899CCE9-6A68-45E5-B148-EFFFDAB8F919}.job
    [2014.01.03 12:36:45 | 000,000,464 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{D13AB8BA-450A-4977-AF5F-8A010E7AB16F}.job
    
    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "Adobe ARM"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Fix (Opravit)
  • The PC will perform the fix, restart, and give you a log; paste its contents here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

AlešV
Visitor
Posts: 14
Joined: 31 Dec 2013 20:01

Re: suspected infection?

#9 Post by AlešV »

OK ... it went as you described


---------------------------

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Error: No service named ae15qzzx was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ae15qzzx deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1390067357-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1390067357-573735546-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Documents and Settings\All Users\Dokumenty\mbar-1.07.0.1008.exe moved successfully.
C:\Documents and Settings\All Users\Dokumenty\mbam-setup-1.75.0.1300.exe moved successfully.
C:\WINDOWS\002693_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\CSC\csc1.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\BIT1D.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\BIT18.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\1e9d9a006d29b64c2ee3318c1ab83636\BIT2C.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\24dbe81c2694cc07bf1d1374498ce342\BIT1F.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\3304cd0fd280a9013a6a54c3833dd805\BIT21.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\36a403eae405ef97aa0ef64c1d6bb90c\BIT22.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\BITB.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\54e37a6dece71fa5dbed64445de0d7fa\BIT9.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\BIT8.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\68554a9e3e027ecd69155fabaadaa428\BITC.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\698b54fc16135b30df47e6b6a04b82fe\BITF.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\834d0b8194d0e2adae772742ccac9d71\BIT14.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\8b70c62c88f9335c045c937f839d4309\BIT1E.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\8e8fb6c243dc806cf8d12f60695a91d8\BIT5.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\a1f869e0518e65327615d22085ca14c6\BIT3.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\a9de1b2071cad5998138befbe3b835b7\BIT19.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\b48d9a79db7e4c0a0eb0005525d458db\BIT6.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\bf80e52aec7f33eeff24a34170f0666a\BIT15.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\c863332b801f1ce827c15142376776c4\BITD.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\BIT9.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\d19c7542001d3ac83634e213d52b0edb\BITA.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\d68c8f894d5c977ae4c7bf1ac940b887\download\BIT4E.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\dfe7c0b9ab030a4868f5b512a03cb9f5\BITA.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\f92a703d430c20c560b87f46a8bc13ab\BIT1A.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\SET53.tmp deleted successfully.
C:\WINDOWS\system32\SET56.tmp deleted successfully.
C:\WINDOWS\system32\SET5A.tmp deleted successfully.
C:\WINDOWS\system32\SET62.tmp deleted successfully.
C:\WINDOWS\system32\SET64.tmp deleted successfully.
C:\WINDOWS\Temp\Ins94.tmp deleted successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{1899CCE9-6A68-45E5-B148-EFFFDAB8F919}.job moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{D13AB8BA-450A-4977-AF5F-8A010E7AB16F}.job moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 177348820 bytes
->Temporary Internet Files folder emptied: 114776795 bytes
->Flash cache emptied: 972 bytes

User: Aleš
->Temp folder emptied: 73603650 bytes
->Temporary Internet Files folder emptied: 39154256 bytes
->Flash cache emptied: 5925 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest
->Temp folder emptied: 800 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 148748 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 42405480 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 427,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: Aleš
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: Guest

User: LocalService

User: NetworkService

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: Aleš

User: All Users

User: Default User

User: Guest

User: LocalService

User: NetworkService

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01032014_160235

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Aleš\Local Settings\Temp\~DFED45.tmp not found!
File\Folder C:\Documents and Settings\Aleš\Local Settings\Temp\~DFED53.tmp not found!
File\Folder C:\Documents and Settings\Aleš\Local Settings\Temp\~DFEDDD.tmp not found!
File\Folder C:\Documents and Settings\Aleš\Local Settings\Temp\~DFEDEB.tmp not found!
File\Folder C:\Documents and Settings\Aleš\Local Settings\Temp\~DFEED1.tmp not found!
File\Folder C:\Documents and Settings\Aleš\Local Settings\Temp\~DFEEDF.tmp not found!
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\SRL5TPGG\afr[1].htm moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\SRL5TPGG\like_box[1].htm moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\SRL5TPGG\viewtopic[1].php moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\R5CI878D\xd_arbiter[1].htm moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\7LJ68KM7\poeta_cz[1].htm moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\Content.IE5\7LJ68KM7\xd_arbiter[1].htm moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
C:\Documents and Settings\Aleš\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



AlešV

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#10 Post by vyosek »

How is the PC behaving??

AlešV
Visitor
Posts: 14
Joined: 31 Dec 2013 20:01

Re: suspected infection?

#11 Post by AlešV »

So far I have not noticed any unusual behaviour.

I don't understand all of the recent "healing" procedures that deeply, but if I understand correctly, the removed files were somehow related to the activity and presence of malicious programs?
-----
Probably the only thing where I am not sure whether I caused it myself is the following.

- I upgraded Windows Media Player to version 11.
everything probably OK
- on the next start it offered me new updates (some of them, judging by the name, were related to WMP)
still OK so far
- I opened the update, chose the Custom option (where I looked through the offered updates) and left the window open without confirming anything.

The following happened (probably because I have updates scheduled for 12:00): at the stroke of 12 the window disappeared, so I wanted to check what had happened with the installation and, if necessary, do it manually, because it was no longer being offered to me.
----
I found this and I have the feeling that it is wrong:

1) Windows Update no longer offers me anything, and in the update history those KBxxxxxx packages are shown as successfully installed

2) Control Panel / Add or Remove Programs: these latest updates are missing from the list here

?? Could you tell me whether this discrepancy, as I see it, is all right?


AlešV

AlešV
Visitor
Posts: 14
Joined: 31 Dec 2013 20:01

Re: suspected infection?

#12 Post by AlešV »

One more addendum :?:

I have just found that the search function in the top right corner of the IE8 internet browser does not work. I even have the feeling that it used to show "Live Search" there; now there is only a magnifying glass, and when I enter anything practically nothing happens.

If this function has merely been disabled or removed by one of the changes, I probably wouldn't make a fuss about it; I wanted to install Google anyway.

AV

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#13 Post by vyosek »

:arrow: Windows Media Player - I recommend contacting Microsoft technical support

:arrow: IE search - take a look here: http://windows.microsoft.com/cs-cz/wind ... =windows-7

AlešV
Visitor
Posts: 14
Joined: 31 Dec 2013 20:01

Re: suspected infection?

#14 Post by AlešV »

OK, thank you very much for the valuable advice. I will certainly use your services more than once.
I will gladly make a contribution for the time you devoted, and one more thank-you on top for the prompt advice.

Regards, AlešV

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: suspected infection?

#15 Post by vyosek »

You're welcome, glad I could help :worship: See you again sometime

On behalf of the whole team, thank you for supporting the forum :thumbsup:

And in accordance with the topic-locking rule :lock:

Locked