
Pop-up ads etc.

Having trouble with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Threads are locked once they are resolved, as are threads that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Bajtys
Visitor
Posts: 30
Registered: 11 Jul 2008 09:07

Re: Pop-up ads etc.

#16 Post by Bajtys »

========== LOP Check ==========

[2010.10.15 05:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.12.21 17:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2010.08.11 14:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.09.22 15:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2012.07.04 19:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Connectify
[2009.12.24 22:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.12.24 13:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\dc60de014abbdb08
[2010.12.18 09:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2010.12.18 09:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2014.01.18 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2013.12.24 13:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2010.01.21 13:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2013.12.22 11:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Origin
[2010.02.15 13:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
[2010.03.15 02:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.12.22 14:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plugins
[2011.08.17 19:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2010.12.19 17:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.03.10 18:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2009.12.25 18:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.08.10 21:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TmForever
[2009.12.03 22:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.06.24 10:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tunngle
[2012.07.01 12:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VirtualWifiRouter
[2011.10.15 18:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Xilisoft
[2009.12.03 22:35:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2013.01.24 15:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2010.08.28 14:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\2K Sports
[2011.07.19 12:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Airport Control Simulator
[2011.01.30 09:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Audacity
[2011.03.19 17:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\avidemux
[2013.12.31 00:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BitComet
[2010.03.14 21:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BlackBean
[2010.03.14 09:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\com.adobe.ExMan
[2009.12.27 14:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Cool Record Edit Pro
[2009.12.24 22:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DAEMON Tools Lite
[2012.03.03 11:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DDMSettings
[2010.11.28 07:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Dropbox
[2010.06.21 18:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Facebook
[2011.09.23 18:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\GetRightToGo
[2010.04.25 06:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\gtk-2.0
[2013.01.24 15:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ICQ Search
[2011.09.20 15:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ImTOO
[2009.12.25 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Leadertech
[2013.01.27 16:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Miranda
[2011.10.15 18:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\MOVAVI
[2010.03.15 02:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Nokia
[2010.11.03 22:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Opera
[2012.07.24 22:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Oracle
[2009.12.29 15:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Outertech
[2010.03.15 01:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PC Suite
[2011.02.19 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PhotoScape
[2010.09.28 15:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Playrix Entertainment
[2010.01.07 13:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PowerChallenge
[2012.04.08 12:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ProtectDISC
[2010.12.19 17:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Publish Providers
[2013.01.27 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QIP
[2013.10.05 13:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QipGuard
[2010.01.21 20:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\SMS posílač Treca
[2010.12.19 17:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sony
[2012.06.09 12:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sports Interactive
[2010.04.08 19:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Stardock
[2010.02.14 02:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TeamViewer
[2009.12.03 22:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TuneUp Software
[2011.08.08 14:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Tunngle
[2011.10.15 20:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Xilisoft
[2009.12.03 22:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.12.03 21:54:21 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.03 22:03:05 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.12.03 22:35:56 | 000,000,482 | ---- | C] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2009.12.03 22:36:39 | 000,000,474 | ---- | C] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job
[2010.01.03 22:28:29 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2011.07.27 00:17:11 | 000,000,966 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003Core.job
[2011.07.27 00:17:11 | 000,001,018 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003UA.job
[2012.03.03 14:28:14 | 000,000,402 | -H-- | C] () -- C:\WINDOWS\Tasks\Norton Security Scan for XXX.job
[2012.09.17 16:08:44 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.08.28 14:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\2K Sports
[2010.07.24 10:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Adobe
[2009.12.27 10:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\AdobeUM
[2013.03.09 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Ahead
[2011.07.19 12:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Airport Control Simulator
[2010.01.28 20:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Apple Computer
[2011.01.30 09:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Audacity
[2011.03.19 17:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\avidemux
[2013.12.31 00:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BitComet
[2010.03.14 21:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BlackBean
[2010.03.14 09:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\com.adobe.ExMan
[2009.12.27 14:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Cool Record Edit Pro
[2010.02.17 20:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Corel
[2010.03.19 23:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\CyberLink
[2009.12.24 22:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DAEMON Tools Lite
[2012.03.03 11:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DDMSettings
[2010.11.27 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DivX
[2010.11.28 07:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Dropbox
[2010.06.21 18:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Facebook
[2011.09.23 18:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\GetRightToGo
[2011.11.19 09:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Google
[2010.04.25 06:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\gtk-2.0
[2011.06.23 23:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Hamachi
[2013.01.24 15:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ICQ Search
[2009.12.28 19:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Identities
[2011.09.20 15:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ImTOO
[2009.12.03 22:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\InstallShield
[2009.12.25 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Leadertech
[2011.02.10 22:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Logitech
[2010.03.17 21:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Macromedia
[2014.01.18 17:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Malwarebytes
[2010.06.18 22:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Media Player Classic
[2011.06.01 07:25:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\XXX\Data aplikací\Microsoft
[2013.01.27 16:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Miranda
[2011.10.15 18:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\MOVAVI
[2009.12.29 16:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Mozilla
[2010.08.10 23:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Mozilla-Cache
[2010.03.15 02:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Nokia
[2013.12.26 14:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\NVIDIA
[2010.11.03 22:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Opera
[2012.07.24 22:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Oracle
[2009.12.29 15:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Outertech
[2010.03.15 01:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PC Suite
[2011.02.19 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PhotoScape
[2010.09.28 15:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Playrix Entertainment
[2010.01.07 13:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PowerChallenge
[2012.04.08 12:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ProtectDISC
[2010.12.19 17:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Publish Providers
[2013.01.27 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QIP
[2013.10.05 13:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QipGuard
[2009.12.25 22:51:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\XXX\Data aplikací\SecuROM
[2012.06.29 14:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Skype
[2010.01.23 18:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\skypePM
[2010.01.21 20:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\SMS posílač Treca
[2010.12.19 17:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sony
[2012.06.09 12:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sports Interactive
[2010.04.08 19:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Stardock
[2010.01.07 13:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sun
[2010.02.14 02:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TeamViewer
[2009.12.03 22:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TuneUp Software
[2011.08.08 14:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Tunngle
[2013.12.28 11:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\vlc
[2011.10.15 20:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Xilisoft
[2009.12.03 22:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.06.21 18:51:06 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\XXX\Data aplikací\Facebook\uninstall.exe
[2008.05.29 07:03:08 | 000,037,176 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.10 22:36:36 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.08.22 06:35:03 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_4B2CDCFF15405048D32BC6.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_5FAA040CB493285110E4EC.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_919A61A2B1C2C85D5E1B9C.exe
[2010.08.22 06:35:03 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_B2F4B2A6032FB9D21989BF.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_C2E50E5151C2F40E0D02BA.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_F2153A3970973E90AB0DD8.exe
[2010.07.19 08:12:35 | 000,077,542 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{B702F355-FE10-D065-C6DD-3706595EB1CD}\ARPPRODUCTICON.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_4DC6AAE9438378DF76C3F3.exe
[2010.05.20 14:44:47 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_60254AFE777DA71F4F266E.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_8483CE15E247BDB55C2F11.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_A5DE9F8D3609E7C6ADF25F.exe
[2010.05.20 14:44:47 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_A8649BF73BE3C919A6E053.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_D17E6B9E68C7E08F42A046.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_055F6B2630BC04E2E5D714.exe
[2011.03.15 15:40:41 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_2EA1A803521A3222FC0C68.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_3DDEFDAF76D60744EBFD50.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_48B0C5CBFEADE9065A18A3.exe
[2011.03.15 15:40:41 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_B175BA0FF18B6C4D29EEA6.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_CAB17EEA2F21493825D73A.exe
[2010.04.27 23:06:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.01.07 13:35:00 | 003,399,680 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\PowerChallenge\MZSoccer\mzsoccer.exe
[2010.01.21 13:55:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\SMS posílač Treca\SMSposilac.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.24 22:14:17 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.12.03 22:28:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.03 22:28:46 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.03 22:28:46 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2014.01.19 10:17:11 | 000,024,944 | ---- | M] () -- C:\WINDOWS\system32\drivers\GVTDrv.sys

< %systemroot%\system32\*.* /3 >
[2014.01.19 10:17:10 | 000,000,004 | ---- | M] () -- C:\WINDOWS\system32\GVTunner.ref
[2014.01.18 01:03:19 | 083,425,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2014.01.19 00:36:58 | 000,002,078 | ---- | M] () -- C:\WINDOWS\system32\nvAppTimestamps
[2014.01.19 10:17:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\XXX\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.07.27 00:17:09 | 000,136,176 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.19 12:02:34 | 000,000,512 | ---- | M] () MD5=1C29D5E32554ABF137E04899A7BBD071 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.12.24 13:58:37 | 183,870,535 | ---- | M] () -- \Documents and Settings\XXX\Dokumenty\Downloads\FIFA-14-crack-+-patch.rar
[2013.12.22 11:44:46 | 029,230,945 | ---- | M] () -- \Documents and Settings\XXX\Dokumenty\Downloads\FIFA-14-Crack-Only-V4.rar
[2013.10.28 18:34:14 | 029,347,328 | R--- | M] () -- \Documents and Settings\XXX\Plocha\fifa14-www.skidrowcrack.com.exe
[1 \Documents and Settings\XXX\Plocha\*.tmp files -> \Documents and Settings\XXX\Plocha\*.tmp -> ]
[2013.12.24 14:16:40 | 000,000,716 | ---- | M] () -- \Documents and Settings\XXX\Recent\FIFA-14-crack-+-patch.lnk
[2013.10.28 18:34:14 | 029,347,328 | R--- | M] () -- \hry\FIFA 14\Game\fifa14-www.skidrowcrack.com.exe
[2010.08.10 23:21:42 | 000,002,967 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby\safecrackerkeno.swf
[2010.08.10 23:21:42 | 000,012,201 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby\safecrackerkeno_popup.swf
[2010.08.10 23:21:31 | 000,001,247 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\bjbar_safecrackerkeno_icon.jpg
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.10.02 14:44:58 | 000,010,145 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm.vir
[2012.07.20 21:29:25 | 000,000,047 | ---- | M] () -- \Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\extensions\youtubedownloader@mybrowserbar.com
[2010.01.07 13:42:02 | 000,007,026 | ---- | M] () -- \Documents and Settings\XXX\Data aplikací\PowerChallenge\powerloader.log
[2011.12.29 15:06:58 | 000,000,952 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\SRDownloader.nast
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.49\WinXP\English\GFExperience\ExtensionLoader.dll
[2013.11.08 21:48:39 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\331.82\WinXP\English\GFExperience\ExtensionLoader.dll
[2008.08.28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.01.02 09:10:42 | 000,049,152 | R--- | M] () -- \Program Files\Futuremark\3DMark06\PhysXLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{F4BD3399-3876-433A-B3AD-87CCC4E86765}\ExtensionLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 10:57:24 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 10:57:24 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2010.08.10 23:21:46 | 000,002,688 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multihandbj\Loader.swf
[2010.08.10 23:21:51 | 000,002,688 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\fcgames\roulette\Loader.swf
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.10.08 20:03:00 | 000,005,932 | ---- | M] () -- \Program Files\Xilisoft\PowerPoint to Video Converter Free\plugins\loader.avsi
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2009.12.28 11:41:40 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.08.07 17:26:48 | 000,266,952 | ---- | M] () -- \WINDOWS\Downloaded Program Files\PowerLoader.dll
[2009.08.07 17:23:50 | 000,000,791 | ---- | M] () -- \WINDOWS\Downloaded Program Files\PowerLoader.inf
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[11 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2010.01.18 07:30:50 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.01.12 06:54:44 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >
[2013.12.31 00:39:31 | 000,018,480 | ---- | M] () -- \Documents and Settings\XXX\Data aplikací\BitComet\rules\dhtnodes.dat

< *AutoKMS* /s >

< *activator* /s >
[2008.08.14 07:56:12 | 000,003,942 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008.08.14 07:56:10 | 000,001,489 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2014.01.13 00:32:35 | 000,003,072 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_serialy.kinotip.in_0.localstorage
[2014.01.13 00:32:35 | 000,003,608 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_serialy.kinotip.in_0.localstorage-journal
[2013.12.25 23:40:54 | 000,003,072 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2013.12.25 23:40:54 | 000,003,608 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2009.12.26 10:03:18 | 000,000,170 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Rockstar Games\GTA IV\Settings\serial.dat
[2008.08.28 16:40:42 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008.08.28 16:40:42 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008.08.06 10:45:18 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008.08.06 10:45:18 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008.09.19 04:10:54 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008.09.19 04:10:54 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008.08.14 07:56:46 | 000,059,514 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 23:46:33 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.08.24 18:01:46 | 000,450,560 | ---- | M] () -- \Program Files\Sony\Vegas Pro 9.0\CoreGraphics.XmlSerializers.dll
[2009.08.24 18:01:48 | 000,311,296 | ---- | M] () -- \Program Files\Sony\Vegas Pro 9.0\CoreUI.XmlSerializers.dll
[2004.08.17 14:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2009.12.27 09:17:33 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.11 23:51:25 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.12 01:42:37 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.05 14:56:39 | 001,262,080 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\CoreGraphics.XmlSer#\c2089f9e3d0bf3d1b5e4a9d88609be59\CoreGraphics.XmlSerializers.ni.dll
[2013.10.05 14:56:56 | 000,864,256 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\CoreUI.XmlSerialize#\4ed9d7611080713e91e977f298eebd14\CoreUI.XmlSerializers.ni.dll
[2013.10.05 13:25:21 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.05 14:55:04 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2013.12.25 10:40:54 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.25 10:40:35 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b5faab90a38802d89ccf6f9ac4bff440\System.Runtime.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.12.24 12:48:09 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.12.25 09:35:03 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.12.24 12:48:08 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.12.25 09:34:58 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 13:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[11 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

========== LOP Check ==========

[2010.10.15 05:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.12.21 17:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2010.08.11 14:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.09.22 15:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Codemasters
[2012.07.04 19:27:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Connectify
[2009.12.24 22:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.12.24 13:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\dc60de014abbdb08
[2010.12.18 09:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2010.12.18 09:50:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2014.01.18 16:41:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2013.12.24 13:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2010.01.21 13:55:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2013.12.22 11:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Origin
[2010.02.15 13:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters Inc
[2010.03.15 02:01:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.12.22 14:14:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Plugins
[2011.08.17 19:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2010.12.19 17:03:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2010.03.10 18:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2009.12.25 18:52:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.08.10 21:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TmForever
[2009.12.03 22:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.06.24 10:35:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tunngle
[2012.07.01 12:31:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VirtualWifiRouter
[2011.10.15 18:09:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Xilisoft
[2009.12.03 22:35:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2013.01.24 15:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2010.08.28 14:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\2K Sports
[2011.07.19 12:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Airport Control Simulator
[2011.01.30 09:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Audacity
[2011.03.19 17:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\avidemux
[2013.12.31 00:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BitComet
[2010.03.14 21:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BlackBean
[2010.03.14 09:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\com.adobe.ExMan
[2009.12.27 14:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Cool Record Edit Pro
[2009.12.24 22:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DAEMON Tools Lite
[2012.03.03 11:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DDMSettings
[2010.11.28 07:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Dropbox
[2010.06.21 18:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Facebook
[2011.09.23 18:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\GetRightToGo
[2010.04.25 06:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\gtk-2.0
[2013.01.24 15:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ICQ Search
[2011.09.20 15:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ImTOO
[2009.12.25 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Leadertech
[2013.01.27 16:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Miranda
[2011.10.15 18:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\MOVAVI
[2010.03.15 02:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Nokia
[2010.11.03 22:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Opera
[2012.07.24 22:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Oracle
[2009.12.29 15:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Outertech
[2010.03.15 01:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PC Suite
[2011.02.19 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PhotoScape
[2010.09.28 15:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Playrix Entertainment
[2010.01.07 13:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PowerChallenge
[2012.04.08 12:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ProtectDISC
[2010.12.19 17:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Publish Providers
[2013.01.27 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QIP
[2013.10.05 13:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QipGuard
[2010.01.21 20:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\SMS posílač Treca
[2010.12.19 17:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sony
[2012.06.09 12:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sports Interactive
[2010.04.08 19:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Stardock
[2010.02.14 02:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TeamViewer
[2009.12.03 22:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TuneUp Software
[2011.08.08 14:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Tunngle
[2011.10.15 20:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Xilisoft
[2009.12.03 22:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.12.03 21:54:21 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.12.03 22:03:05 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.12.03 22:35:56 | 000,000,482 | ---- | C] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2009.12.03 22:36:39 | 000,000,474 | ---- | C] () -- C:\WINDOWS\Tasks\Úklid 1 kliknutím.job
[2010.01.03 22:28:29 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2011.07.27 00:17:11 | 000,000,966 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003Core.job
[2011.07.27 00:17:11 | 000,001,018 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003UA.job
[2012.03.03 14:28:14 | 000,000,402 | -H-- | C] () -- C:\WINDOWS\Tasks\Norton Security Scan for XXX.job
[2012.09.17 16:08:44 | 000,000,318 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

Bajtys
Visitor
Posts: 30
Registered: 11 Jul 2008 09:07

Re: Pop-up ads etc.

#17 Post by Bajtys »

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.12.24 20:28:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.08.28 14:55:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\2K Sports
[2010.07.24 10:37:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Adobe
[2009.12.27 10:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\AdobeUM
[2013.03.09 09:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Ahead
[2011.07.19 12:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Airport Control Simulator
[2010.01.28 20:17:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Apple Computer
[2011.01.30 09:46:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Audacity
[2011.03.19 17:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\avidemux
[2013.12.31 00:39:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BitComet
[2010.03.14 21:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\BlackBean
[2010.03.14 09:49:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\com.adobe.ExMan
[2009.12.27 14:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Cool Record Edit Pro
[2010.02.17 20:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Corel
[2010.03.19 23:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\CyberLink
[2009.12.24 22:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DAEMON Tools Lite
[2012.03.03 11:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DDMSettings
[2010.11.27 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\DivX
[2010.11.28 07:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Dropbox
[2010.06.21 18:51:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Facebook
[2011.09.23 18:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\GetRightToGo
[2011.11.19 09:41:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Google
[2010.04.25 06:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\gtk-2.0
[2011.06.23 23:30:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Hamachi
[2013.01.24 15:11:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ICQ Search
[2009.12.28 19:11:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Identities
[2011.09.20 15:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ImTOO
[2009.12.03 22:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\InstallShield
[2009.12.25 00:05:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Leadertech
[2011.02.10 22:37:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Logitech
[2010.03.17 21:59:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Macromedia
[2014.01.18 17:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Malwarebytes
[2010.06.18 22:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Media Player Classic
[2011.06.01 07:25:13 | 000,000,000 | --SD | M] -- C:\Documents and Settings\XXX\Data aplikací\Microsoft
[2013.01.27 16:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Miranda
[2011.10.15 18:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\MOVAVI
[2009.12.29 16:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Mozilla
[2010.08.10 23:21:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Mozilla-Cache
[2010.03.15 02:00:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Nokia
[2013.12.26 14:02:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\NVIDIA
[2010.11.03 22:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Opera
[2012.07.24 22:46:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Oracle
[2009.12.29 15:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Outertech
[2010.03.15 01:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PC Suite
[2011.02.19 14:22:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PhotoScape
[2010.09.28 15:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Playrix Entertainment
[2010.01.07 13:34:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\PowerChallenge
[2012.04.08 12:24:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\ProtectDISC
[2010.12.19 17:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Publish Providers
[2013.01.27 16:05:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QIP
[2013.10.05 13:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\QipGuard
[2009.12.25 22:51:45 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\XXX\Data aplikací\SecuROM
[2012.06.29 14:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Skype
[2010.01.23 18:32:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\skypePM
[2010.01.21 20:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\SMS posílač Treca
[2010.12.19 17:05:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sony
[2012.06.09 12:58:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sports Interactive
[2010.04.08 19:56:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Stardock
[2010.01.07 13:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Sun
[2010.02.14 02:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TeamViewer
[2009.12.03 22:35:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\TuneUp Software
[2011.08.08 14:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Tunngle
[2013.12.28 11:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\vlc
[2011.10.15 20:08:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Xilisoft
[2009.12.03 22:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\XXX\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.06.21 18:51:06 | 000,050,354 | ---- | M] (Facebook, Inc.) -- C:\Documents and Settings\XXX\Data aplikací\Facebook\uninstall.exe
[2008.05.29 07:03:08 | 000,037,176 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.10 22:36:36 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2010.08.22 06:35:03 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_4B2CDCFF15405048D32BC6.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_5FAA040CB493285110E4EC.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_919A61A2B1C2C85D5E1B9C.exe
[2010.08.22 06:35:03 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_B2F4B2A6032FB9D21989BF.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_C2E50E5151C2F40E0D02BA.exe
[2010.08.22 06:35:03 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{5C10E06A-FFC1-46B6-B589-68FEB850458D}\_F2153A3970973E90AB0DD8.exe
[2010.07.19 08:12:35 | 000,077,542 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{B702F355-FE10-D065-C6DD-3706595EB1CD}\ARPPRODUCTICON.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_4DC6AAE9438378DF76C3F3.exe
[2010.05.20 14:44:47 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_60254AFE777DA71F4F266E.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_8483CE15E247BDB55C2F11.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_A5DE9F8D3609E7C6ADF25F.exe
[2010.05.20 14:44:47 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_A8649BF73BE3C919A6E053.exe
[2010.05.20 14:44:47 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}\_D17E6B9E68C7E08F42A046.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_055F6B2630BC04E2E5D714.exe
[2011.03.15 15:40:41 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_2EA1A803521A3222FC0C68.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_3DDEFDAF76D60744EBFD50.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_48B0C5CBFEADE9065A18A3.exe
[2011.03.15 15:40:41 | 000,090,126 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_B175BA0FF18B6C4D29EEA6.exe
[2011.03.15 15:40:41 | 000,097,566 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{D2D0EADB-FB44-4243-B4A9-855754A4BC56}\_CAB17EEA2F21493825D73A.exe
[2010.04.27 23:06:08 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2010.01.07 13:35:00 | 003,399,680 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\PowerChallenge\MZSoccer\mzsoccer.exe
[2010.01.21 13:55:34 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\SMS posílač Treca\SMSposilac.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.24 22:14:17 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.12.03 22:28:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.03 22:28:46 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.03 22:28:46 | 000,479,232 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2014.01.19 10:17:11 | 000,024,944 | ---- | M] () -- C:\WINDOWS\system32\drivers\GVTDrv.sys

< %systemroot%\system32\*.* /3 >
[2014.01.19 10:17:10 | 000,000,004 | ---- | M] () -- C:\WINDOWS\system32\GVTunner.ref
[2014.01.18 01:03:19 | 083,425,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2014.01.19 00:36:58 | 000,002,078 | ---- | M] () -- C:\WINDOWS\system32\nvAppTimestamps
[2014.01.19 10:17:00 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\XXX\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.07.27 00:17:09 | 000,136,176 | ---- | M] (Google Inc.)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.19 12:02:34 | 000,000,512 | ---- | M] () MD5=1C29D5E32554ABF137E04899A7BBD071 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.12.24 13:58:37 | 183,870,535 | ---- | M] () -- \Documents and Settings\XXX\Dokumenty\Downloads\FIFA-14-crack-+-patch.rar
[2013.12.22 11:44:46 | 029,230,945 | ---- | M] () -- \Documents and Settings\XXX\Dokumenty\Downloads\FIFA-14-Crack-Only-V4.rar
[2013.10.28 18:34:14 | 029,347,328 | R--- | M] () -- \Documents and Settings\XXX\Plocha\fifa14-www.skidrowcrack.com.exe
[1 \Documents and Settings\XXX\Plocha\*.tmp files -> \Documents and Settings\XXX\Plocha\*.tmp -> ]
[2013.12.24 14:16:40 | 000,000,716 | ---- | M] () -- \Documents and Settings\XXX\Recent\FIFA-14-crack-+-patch.lnk
[2013.10.28 18:34:14 | 029,347,328 | R--- | M] () -- \hry\FIFA 14\Game\fifa14-www.skidrowcrack.com.exe
[2010.08.10 23:21:42 | 000,002,967 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby\safecrackerkeno.swf
[2010.08.10 23:21:42 | 000,012,201 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\flashlobby\lobby\safecrackerkeno_popup.swf
[2010.08.10 23:21:31 | 000,001,247 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\bjbar_safecrackerkeno_icon.jpg
[2003.12.05 13:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.10.02 14:44:58 | 000,010,145 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules\ExternalLibraryLoader.jsm.vir
[2012.07.20 21:29:25 | 000,000,047 | ---- | M] () -- \Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\extensions\youtubedownloader@mybrowserbar.com
[2010.01.07 13:42:02 | 000,007,026 | ---- | M] () -- \Documents and Settings\XXX\Data aplikací\PowerChallenge\powerloader.log
[2011.12.29 15:06:58 | 000,000,952 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\SRDownloader.nast
[2013.05.16 15:41:22 | 001,152,288 | ---- | M] () -- \NVIDIA\DisplayDriver\320.49\WinXP\English\GFExperience\ExtensionLoader.dll
[2013.11.08 21:48:39 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\331.82\WinXP\English\GFExperience\ExtensionLoader.dll
[2008.08.28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008.08.28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008.08.28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008.08.28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008.08.14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2007.03.12 13:48:46 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2006.01.02 09:10:42 | 000,049,152 | R--- | M] () -- \Program Files\Futuremark\3DMark06\PhysXLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{F4BD3399-3876-433A-B3AD-87CCC4E86765}\ExtensionLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.06.04 10:57:24 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.06.04 10:57:24 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2010.08.10 23:21:46 | 000,002,688 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multihandbj\Loader.swf
[2010.08.10 23:21:51 | 000,002,688 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\fcgames\roulette\Loader.swf
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.10.08 20:03:00 | 000,005,932 | ---- | M] () -- \Program Files\Xilisoft\PowerPoint to Video Converter Free\plugins\loader.avsi
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2009.12.28 11:41:40 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.08.07 17:26:48 | 000,266,952 | ---- | M] () -- \WINDOWS\Downloaded Program Files\PowerLoader.dll
[2009.08.07 17:23:50 | 000,000,791 | ---- | M] () -- \WINDOWS\Downloaded Program Files\PowerLoader.inf
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[11 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2010.01.18 07:30:50 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.01.12 06:54:44 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >
[2013.12.31 00:39:31 | 000,018,480 | ---- | M] () -- \Documents and Settings\XXX\Data aplikací\BitComet\rules\dhtnodes.dat

< *AutoKMS* /s >

< *activator* /s >
[2008.08.14 07:56:12 | 000,003,942 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008.08.14 07:56:10 | 000,001,489 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2014.01.13 00:32:35 | 000,003,072 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_serialy.kinotip.in_0.localstorage
[2014.01.13 00:32:35 | 000,003,608 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_serialy.kinotip.in_0.localstorage-journal
[2013.12.25 23:40:54 | 000,003,072 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage
[2013.12.25 23:40:54 | 000,003,608 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialzone.cz_0.localstorage-journal
[2009.12.26 10:03:18 | 000,000,170 | ---- | M] () -- \Documents and Settings\XXX\Local Settings\Data aplikací\Rockstar Games\GTA IV\Settings\serial.dat
[2008.08.28 16:40:42 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.08.28 16:40:42 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008.08.28 16:40:42 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008.08.06 10:45:18 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.08.06 10:45:18 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008.08.06 10:45:18 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008.09.19 04:10:54 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008.09.19 04:10:54 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008.09.19 04:10:54 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008.08.14 07:56:46 | 000,059,514 | ---- | M] () -- \Program Files\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.11 23:46:33 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.08.24 18:01:46 | 000,450,560 | ---- | M] () -- \Program Files\Sony\Vegas Pro 9.0\CoreGraphics.XmlSerializers.dll
[2009.08.24 18:01:48 | 000,311,296 | ---- | M] () -- \Program Files\Sony\Vegas Pro 9.0\CoreUI.XmlSerializers.dll
[2004.08.17 14:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2009.12.27 09:17:33 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.11 23:51:25 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.12 01:42:37 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.05 14:56:39 | 001,262,080 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\CoreGraphics.XmlSer#\c2089f9e3d0bf3d1b5e4a9d88609be59\CoreGraphics.XmlSerializers.ni.dll
[2013.10.05 14:56:56 | 000,864,256 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\CoreUI.XmlSerialize#\4ed9d7611080713e91e977f298eebd14\CoreUI.XmlSerializers.ni.dll
[2013.10.05 13:25:21 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.05 14:55:04 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2013.12.25 10:40:54 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.25 10:40:35 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b5faab90a38802d89ccf6f9ac4bff440\System.Runtime.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.12.24 12:48:09 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.12.25 09:35:03 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.12.24 12:48:08 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.12.25 09:34:58 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 13:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[11 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

Bajtys
Visitor
Visitor
Posts: 30
Registered: 11 Jul 2008 09:07

Re: Pop-up ads etc.

#18 Post by Bajtys »

OTL Extras logfile created on: 19.1.2014 12:00:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\XXX\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,49 Gb Available Physical Memory | 24,48% Memory free
3,85 Gb Paging File | 2,26 Gb Available in Paging File | 58,75% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 244,14 Gb Total Space | 115,67 Gb Free Space | 47,38% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 191,79 Gb Free Space | 86,54% Space Free | Partition Type: NTFS

Computer Name: XXX-07A3B26BAE8 | User Name: XXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-448539723-1647877149-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1"
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"2987:TCP" = 2987:TCP:*:Enabled:Connectify File Sharing
"10874:TCP" = 10874:TCP:*:Enabled:BitComet 10874 TCP
"10874:UDP" = 10874:UDP:*:Enabled:BitComet 10874 UDP

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\football4fun.exe" = C:\Program Files\KONAMI\Pro Evolution Soccer 2010\football4fun.exe:*:Enabled:Pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Program Files\PES 11\pes2011-100.exe" = D:\Program Files\PES 11\pes2011-100.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"D:\Program Files\PES 11\gacp_11.exe" = D:\Program Files\PES 11\gacp_11.exe:*:Enabled:Pro Evolution Soccer 2011 -- (Konami Digital Entertainment Co., Ltd.)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\WINDOWS\system32\dmwu.exe" = C:\WINDOWS\system32\dmwu.exe:*:Enabled:dmwu
"C:\Program Files\Sports Interactive\Football Manager 2011 Russian\fm.exe" = C:\Program Files\Sports Interactive\Football Manager 2011 Russian\fm.exe:*:Disabled:Football Manager 2011 -- (Sports Interactive)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe -- (www.BitComet.com)
"C:\hry\FIFA 14\Game\fifa14.exe" = C:\hry\FIFA 14\Game\fifa14.exe:*:Enabled:FIFA 14 -- (Electronic Arts)
"C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe" = C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS) -- (NVIDIA Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.0205.1
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{100B729F-07A2-4A81-A28C-AE4A14FB4FB7}" = Nokia Photos
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12D98BF2-5AEA-4AA5-A655-D2BADBD49536}" = GameDeviceDriver
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2258EB2F-185C-43A0-BD05-F8717375A70B}" = Vegas Pro 9.0
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2DF7B278-D3B6-40A4-B25C-0E7149F439EA}" = 3DMark05
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0216.1
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4F2CE68F-EDBB-4592-BF07-5AC930A51029}" = Nero 7 Premium
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C10E06A-FFC1-46B6-B589-68FEB850458D}" = Mz Assistant by isvicare
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82B1150E-9B37-49FC-83EB-D52197D900D0}" = Sunbelt Personal Firewall
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}" = PC Connectivity Solution
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA7A2800-1E75-4240-855B-03AFF8E5171E}" = FIFA 14
"{AC76BA86-7AD7-1029-7B44-A70000000000}" = Adobe Reader 7.0 - Czech
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 140.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B702F355-FE10-D065-C6DD-3706595EB1CD}" = Application Profiles
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C68C0DBE-A858-44B1-9C8B-49802FDBAEA6}" = Mz Assistant by isvicare
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D0EADB-FB44-4243-B4A9-855754A4BC56}" = Mz Assistant by isvicare
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"3D Windows XP" = 3D Windows XP Screen Saver
"4077F884D1BB007055BDB83B621D87220A73F30F" = Balíček ovladače systému Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"avast" = avast! Free Antivirus
"Avidemux 2.5" = Avidemux 2.5
"BitComet" = BitComet 1.36
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FIFA 14_is1" = FIFA 14 1.2
"Guard.Mail.ru" = Guard.ICQ
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImTOO Convert PowerPoint to Video Free" = ImTOO Convert PowerPoint to Video Free
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B09.0216.1
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Movavi PowerPoint To Video Converter 2" = Movavi PowerPoint To Video Converter 2
"Mozilla Firefox 4.0 (x86 cs)" = Mozilla Firefox 4.0 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSS" = Norton Security Scan
"OpenAL" = OpenAL
"PhotoFiltre" = PhotoFiltre
"PowerPoint to Video DVD_is1" = PowerPoint to Video DVD 3.6
"Powerpoint-PPT to AVI-GIF Converter_is1" = Powerpoint-PPT to AVI-GIF Converter v1.117 (Release 06-03-07 Fr
"SocialVPN 0.5.1" = SocialVPN 0.5.1
"Stylish Profile" = Stylish Profile
"VLC media player" = VLC media player 2.1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 3.0
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Xilisoft PowerPoint to AVI Converter" = Xilisoft PowerPoint to AVI Converter
"Xilisoft PowerPoint to Video Converter Free" = Xilisoft PowerPoint to Video Converter Free
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-448539723-1647877149-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3D Hockey" = 3D Hockey
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 17.2.2010 14:10:13 | Computer Name = XXX-07A3B26BAE8 | Source = avast! | ID = 33554522
Description =

Error - 10.3.2010 17:57:31 | Computer Name = XXX-07A3B26BAE8 | Source = avast! | ID = 33554522
Description =

Error - 25.3.2010 8:22:58 | Computer Name = XXX-07A3B26BAE8 | Source = avast! | ID = 33554522
Description =

Error - 1.4.2010 11:07:30 | Computer Name = XXX-07A3B26BAE8 | Source = avast! | ID = 33554522
Description =

Error - 1.4.2010 11:07:49 | Computer Name = XXX-07A3B26BAE8 | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 14.12.2013 4:07:55 | Computer Name = XXX-07A3B26BAE8 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 14.12.2013 4:07:55 | Computer Name = XXX-07A3B26BAE8 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 14.12.2013 4:07:55 | Computer Name = XXX-07A3B26BAE8 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 14.12.2013 4:07:55 | Computer Name = XXX-07A3B26BAE8 | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 14.12.2013 4:07:55 | Computer Name = XXX-07A3B26BAE8 | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 21.12.2013 12:30:26 | Computer Name = XXX-07A3B26BAE8 | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 21.12.2013 12:31:00 | Computer Name = XXX-07A3B26BAE8 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 24.12.2013 8:47:00 | Computer Name = XXX-07A3B26BAE8 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SC-7415FF7415.rar.exe, verze 2013.12.23.1757,
zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 24.12.2013 8:47:01 | Computer Name = XXX-07A3B26BAE8 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace SC-7415FF7415.rar.exe, verze 2013.12.23.1757,
zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 30.12.2013 11:51:44 | Computer Name = XXX-07A3B26BAE8 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 socialvpnservice.exe, P2 0.0.0.0, P3 4d50e0bd,
P4 mscorlib, P5 2.0.0.0, P6 5174dd4c, P7 3455, P8 1d7, P9 system.io.ioexception,
P10 NIL.

[ OSession Events ]
Error - 13.3.2010 11:53:55 | Computer Name = XXX-07A3B26BAE8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

Error - 28.7.2010 6:47:23 | Computer Name = XXX-07A3B26BAE8 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5.1.2014 7:04:33 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 11.1.2014 12:18:58 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 12.1.2014 6:55:18 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 13.1.2014 4:29:59 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 17.1.2014 12:27:30 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 18.1.2014 3:55:16 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 18.1.2014 11:56:24 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 18.1.2014 13:59:27 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 18.1.2014 14:06:50 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

Error - 19.1.2014 5:17:11 | Computer Name = XXX-07A3B26BAE8 | Source = ipnathlp | ID = 30013
Description = Přidělování DHCP bylo automaticky vypnuto u adresy IP 10.128.137.146,
protože
tato adresa nespadá do oboru 192.168.0.0/255.255.255.0, ze kterého jsou přidělovány
adresy klientům DHCP. Chcete-li přidělování DHCP u této adresy IP zapnout, změňte
obor tak, aby tuto adresu IP zahrnoval, nebo změňte adresu IP tak, aby spadala do
oboru.

[ TuneUp Events ]
Error - 18.1.2014 12:00:51 | Computer Name = XXX-07A3B26BAE8 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 17:00:51', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','4244',0)

Error - 18.1.2014 12:01:31 | Computer Name = XXX-07A3B26BAE8 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 17:01:31', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','5704',0)

Error - 18.1.2014 14:10:05 | Computer Name = XXX-07A3B26BAE8 | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 19:10:05', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','1528',0)


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Pop-up ads etc.

#19 Post by Márty84 »

Keep an eye on the size of your Desktop. It should not be more than 200-300 MB.


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
Guard.Mail.ru
JavaQuickStarterService
TuneUp.ProgramStatisticsSvc
UxTuneUp
TuneUp.Defrag
NBService

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003UA.job
C:\WINDOWS\tasks\Norton Security Scan for XXX.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-18\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1
IE - HKU\S-1-5-21-448539723-1647877149-725345543-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-448539723-1647877149-725345543-1003\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\InprocServer32 File not found
IE - HKU\S-1-5-21-448539723-1647877149-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com.anonymize-me.de/ ... 653F7D&st={searchTerms}&clid=a0428401-8192-4cbc-8bcc-41c32b0e1720&pid=icqt&k=0
IE - HKU\S-1-5-21-448539723-1647877149-725345543-1003\..\SearchScopes\search13: "URL" = http://search13.net.anonymize-me.de/?an ... 6D737D&st={searchTerms}&clid=a0428401-8192-4cbc-8bcc-41c32b0e1720&pid=icqt&k=0
FF - prefs.js..browser.search.defaulturl: "http://search13.net/search.php?clid=486&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..extensions.enabledAddons: QipCounter@qip.ru:1.0
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
[2012.08.24 13:47:32 | 000,005,054 | ---- | M] () (No name found) -- C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\extensions\QipCounter@qip.ru.xpi
[2010.11.03 22:44:10 | 000,002,182 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{3CC5A861-7085-4329-BF4A-DFD056A00CDB}.xml
[2010.11.03 22:44:10 | 000,001,864 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{96431DA7-2E65-4889-AA51-91DA1E37F875}.xml
[2010.11.03 22:44:10 | 000,002,071 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{A9941E98-F141-402D-9719-CC92D54D0484}.xml
[2010.11.03 22:44:10 | 000,024,033 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{B56F6713-4E29-4E8C-BB1A-5D9E1616940F}.xml
[2010.11.03 22:44:10 | 000,002,516 | ---- | M] () -- C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{B68E2246-C966-48F3-A498-67133D2E0DEE}.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\XXX\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\PFVA3IW3.DEFAULT\EXTENSIONS\QIPCOUNTER@QIP.RU.XPI
[2012.01.12 09:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=cr ... 06&sr=0&q={searchTerms}
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\XXX\Plocha\*.tmp files -> C:\Documents and Settings\XXX\Plocha\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[19 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[7 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[11 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D2E4734-AD78-1969-8515-C70C95E8E296}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AA21982-9C00-F0AB-9E37-F6F3C299A42B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"!{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"GrooveMonitor"=-
"DivXUpdate"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Google Update"=-

Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Bajtys
Visitor
Posts: 30
Joined: 11 Jul 2008 09:07

Re: Pop-up ads etc.

#20 Post by Bajtys »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 14115647 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49772175 bytes

User: XXX
->Temp folder emptied: 3187011 bytes
->Temporary Internet Files folder emptied: 40644345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 85078244 bytes
->Google Chrome cache emptied: 344972140 bytes
->Flash cache emptied: 50378 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2334857 bytes
%systemroot%\System32 .tmp files removed: 6025000 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 253617 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 355608422 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3282574540 bytes

Total Files Cleaned = 3 991,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: XXX
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service Guard.Mail.ru stopped successfully!
Service Guard.Mail.ru deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service TuneUp.ProgramStatisticsSvc stopped successfully!
Service TuneUp.ProgramStatisticsSvc deleted successfully!
Service UxTuneUp stopped successfully!
Service UxTuneUp deleted successfully!
Service TuneUp.Defrag stopped successfully!
Service TuneUp.Defrag deleted successfully!
Service NBService stopped successfully!
Service NBService deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\1-Click Maintenance.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1647877149-725345543-1003UA.job moved successfully.
C:\WINDOWS\tasks\Norton Security Scan for XXX.job moved successfully.
C:\WINDOWS\tasks\Úklid 1 kliknutím.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry value HKEY_USERS\S-1-5-21-448539723-1647877149-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-448539723-1647877149-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-448539723-1647877149-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-448539723-1647877149-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Prefs.js: "http://search13.net/search.php?clid=486&q=" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: QipCounter@qip.ru:1.0 removed from extensions.enabledAddons
Prefs.js: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 removed from extensions.enabledItems
C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\extensions\QipCounter@qip.ru.xpi moved successfully.
C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{3CC5A861-7085-4329-BF4A-DFD056A00CDB}.xml moved successfully.
C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{96431DA7-2E65-4889-AA51-91DA1E37F875}.xml moved successfully.
C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{A9941E98-F141-402D-9719-CC92D54D0484}.xml moved successfully.
C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{B56F6713-4E29-4E8C-BB1A-5D9E1616940F}.xml moved successfully.
C:\Documents and Settings\XXX\Data aplikací\Mozilla\Firefox\Profiles\pfva3iw3.default\searchplugins\{B68E2246-C966-48F3-A498-67133D2E0DEE}.xml moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D}\ not found.
File delete failed. C:\Documents and Settings\XXX\Plocha\~WRL0005.tmp scheduled to be deleted on reboot.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP123.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP142.tmp\System.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP142.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP207.tmp\PresentationUI.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP207.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254.tmp\System.Design.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP296.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP337.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP374.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP459.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP520.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP63.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP702.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAC6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFA.tmp folder deleted successfully.
C:\WINDOWS\CSC\csc1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI15B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI15D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI261.tmp deleted successfully.
C:\WINDOWS\Installer\MSI263.tmp deleted successfully.
C:\WINDOWS\Installer\MSID4.tmp deleted successfully.
C:\WINDOWS\Installer\MSIF4.tmp deleted successfully.
C:\WINDOWS\Installer\MSIF6.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0D2E4734-AD78-1969-8515-C70C95E8E296}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D2E4734-AD78-1969-8515-C70C95E8E296}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AA21982-9C00-F0AB-9E37-F6F3C299A42B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AA21982-9C00-F0AB-9E37-F6F3C299A42B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{EEE6C35B-6118-11DC-9C72-001320C79847} not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01192014_175752

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\XXX\Local Settings\Temp\~DF958D.tmp not found!
C:\Documents and Settings\XXX\Local Settings\Temporary Internet Files\Content.Word\~WRS{0B634AFD-4F25-4CBF-95D0-629414F3762E}.tmp moved successfully.
C:\Documents and Settings\XXX\Local Settings\Temporary Internet Files\Content.Word\~WRS{2161FB27-6A69-48A7-83E9-E93478BC5B82}.tmp moved successfully.
C:\Documents and Settings\XXX\Local Settings\Temporary Internet Files\Content.Word\~WRS{2F1E7E89-88BA-406E-B333-1A0ACEAD037E}.tmp moved successfully.
C:\Documents and Settings\XXX\Local Settings\Temporary Internet Files\Content.Word\~WRS{6F7FE02E-BD99-4ACB-B4CB-67560FAF8F56}.tmp moved successfully.
C:\Documents and Settings\XXX\Local Settings\Temporary Internet Files\Content.Word\~WRS{C6BB23BE-B8C5-413E-BDBE-7B8EC804C6B6}.tmp moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\Documents and Settings\XXX\Plocha\~WRL0005.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Pop-up ads etc.

#21 Post by Márty84 »

How does it look, is anything still popping up?
If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Bajtys
Visitor
Posts: 30
Joined: 11 Jul 2008 09:07

Re: Pop-up ads etc.

#22 Post by Bajtys »

Unfortunately yes. Something pops up now and then, and occasionally underlined text appears in the browser.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Pop-up ads etc.

#23 Post by Márty84 »

:???: In which browser? In all of them?

:!: If you have not done so yet, back up your important data (photos, documents, etc.) to be safe :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off your antivirus and any other security software.
Run ComboFix.
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not run anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing F8 and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

27.2. locked for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975

Locked