Please help with removing a virus

Klif
Visitor
Posts: 28
Joined: 04 Feb 2014 01:10

Re: Please help with removing a virus

#31 Post by Klif »

Finally done. The MBAM scan took about 7 hours, and the first time I again didn't catch it in time; the computer probably restarted and no log was left anywhere, so I had to run the scan again.
Here it is:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Klif :: KLIFIK [administrátor]

Ochrana: Povolena

16.2.2014 10:13:29
MBAM-log-2014-02-16 (15-57-05).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 1269523
Uplynulý čas: 5 hodin, 28 minut, 34 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\Documents and Settings\Klif\Data aplikací\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Data aplikací\OpenCandy\7C8DB43CC26943669693CE8F095F54DB (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559 (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559\xpi (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559\xpi\defaults (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Data aplikací\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Data aplikací\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 5
C:\Documents and Settings\Klif\Plocha\stazene\FreeVideoConverterSetup-r0-n-bf.exe (PUP.Optional.Koyote.A) -> Nebyla provedena žádná instrukce.
D:\Klif\stazene\kmplayer-3.7.0.113.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{9040B355-1049-4E3C-A8D5-819D915C9CA5}\RP59\A0023139.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Data aplikací\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Klif\Data aplikací\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

(konec)

I went ahead and removed what it had flagged for removal... I don't know whether I should have, but given how long the scan took, and because the second program wanted me to restart the computer before it would run, so if you had then advised me to remove the files, I would have had to run the seven-hour scan again, and maybe several times over... so I had it removed right away. And this is what it printed after the removal:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.15.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Klif :: KLIFIK [administrátor]

Ochrana: Povolena

16.2.2014 10:13:29
mbam-log-2014-02-16 (10-13-29).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 1269523
Uplynulý čas: 5 hodin, 28 minut, 34 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\Documents and Settings\Klif\Data aplikací\OpenCandy (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Data aplikací\OpenCandy\7C8DB43CC26943669693CE8F095F54DB (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559 (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559\xpi (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559\xpi\defaults (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Local Settings\Temp\CT1750559\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Data aplikací\newnext.me (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Data aplikací\newnext.me\cache (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 5
C:\Documents and Settings\Klif\Plocha\stazene\FreeVideoConverterSetup-r0-n-bf.exe (PUP.Optional.Koyote.A) -> Přesun do karantény a smazání se zdařilo.
D:\Klif\stazene\kmplayer-3.7.0.113.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
D:\System Volume Information\_restore{9040B355-1049-4E3C-A8D5-819D915C9CA5}\RP59\A0023139.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Data aplikací\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Klif\Data aplikací\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

(konec)



Second, I ran MBAR; it found nothing and then printed this:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.02.16.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
:: KLIFIK [administrator]

16.2.2014 16:33:38
mbar-log-2014-02-16 (16-33-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 257823
Time elapsed: 10 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help with removing a virus

#32 Post by Márty84 »

Deleting it was the right decision :thumbsup:

What is drive D? That detection there bothers me; I thought we had deleted the restore points :?:
D:\System Volume Information\_restore{9040B355-1049-4E3C-A8D5-819D915C9CA5}\RP59\A0023139.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

But otherwise I don't see the nasties that were there before.


:arrow: Post a current RSIT log here

Klif
Visitor
Posts: 28
Joined: 04 Feb 2014 01:10

Re: Please help with removing a virus

#33 Post by Klif »

As for the restore point, I did it according to the guide - http://forum.viry.cz/viewtopic.php?f=46&t=47040 . After the restart, the look of the bottom bar, the Start menu and so on even changed. But when MBAM restarted the computer (it was probably MBAM), the look went back again, so I don't know...
But - D is the second drive I have in the computer, only for backups, or I put some things there so they don't take up space on the main drive; it also once had Windows installed on it, which I haven't wiped yet, so maybe that's why it showed up there.

Here is the RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Klif at 2014-02-16 20:14:50
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 421 GB (44%) free of 954 GB
Total RAM: 2047 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:57, on 16.2.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST\AvastUI.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\AppServ\Apache2.2\bin\httpd.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Klif\Plocha\stazene\RSIT(1).exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Klif.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Web Accessibility Toolbar - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\PROGRA~1\ACCESS~1\ACCESS~1.DLL
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [tcactive] C:\Program Files\The Cleaner\tcap.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1614895754-287218729-725345543-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: _uninst_21936792.lnk = C:\Documents and Settings\Klif\Local Settings\Temp\_uninst_21936792.bat
O4 - Startup: _uninst_46936320.lnk = C:\Documents and Settings\Klif\Local Settings\Temp\_uninst_46936320.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: The Cleaner Helper Service (moohelp) - MooSoft Development LLC - C:\Program Files\The Cleaner\mhelper.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

--
End of file - 8641 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KLIFIK-Klif.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default

"wrc@avast.com"=C:\Program Files\AVAST\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST\aswWebRepIE.dll [2014-01-05 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
IE Developer Toolbar BHO - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll [2007-03-01 623992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{11352A67-0178-46B1-8855-D50B2F81C054} - Web Accessibility Toolbar - C:\PROGRA~1\ACCESS~1\ACCESS~1.DLL [2007-07-20 427520]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST\aswWebRepIE.dll [2014-01-05 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2014-01-03 20145368]
"AvastUI.exe"=C:\Program Files\AVAST\AvastUI.exe [2014-01-05 3764024]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-04-07 13891176]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-02-24 1753192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2011-02-04 2346496]
"tcactive"=C:\Program Files\The Cleaner\tcap.exe [2013-11-24 6152272]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění
_uninst_21936792.lnk - C:\Documents and Settings\Klif\Local Settings\Temp\_uninst_21936792.bat
_uninst_46936320.lnk - C:\Documents and Settings\Klif\Local Settings\Temp\_uninst_46936320.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"TaskbarNoNotification"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\QIP Infium\infium.exe"="C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"C:\AppServ\Apache2.2\bin\httpd.exe"="C:\AppServ\Apache2.2\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe"="C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe:*:Enabled:ICQ"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2014-02-16 16:33:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2014-02-16 16:33:23 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-02-16 03:10:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-02-16 03:01:57 ----SHD---- C:\Config.Msi
2014-02-15 14:42:49 ----D---- C:\Documents and Settings\Klif\Data aplikací\Malwarebytes
2014-02-15 12:41:36 ----D---- C:\WINDOWS\temp
2014-02-15 12:41:34 ----A---- C:\ComboFix.txt
2014-02-15 10:50:12 ----D---- C:\Program Files\Mozilla Firefox
2014-02-15 10:23:40 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2014-02-09 08:53:14 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-02-08 16:32:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-02-08 16:32:04 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-02-08 16:27:04 ----A---- C:\WINDOWS\ntbtlog.txt
2014-02-08 09:36:11 ----RASHD---- C:\cmdcons
2014-02-08 06:08:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-02-07 09:55:23 ----D---- C:\Documents and Settings\Klif\Data aplikací\ValuSoft
2014-02-07 09:54:33 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2014-02-07 09:54:32 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2014-02-07 09:54:32 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2014-02-07 09:54:32 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2014-02-07 09:54:31 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2014-02-07 09:54:31 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2014-02-07 09:54:31 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2014-02-07 09:54:30 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2014-02-07 09:54:29 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2014-02-07 09:54:29 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2014-02-07 09:54:29 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2014-02-07 09:54:29 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2014-02-07 09:54:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2014-02-07 09:54:27 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2014-02-07 09:54:26 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2014-02-07 09:54:26 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2014-02-07 09:54:25 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2014-02-07 09:52:51 ----D---- C:\Program Files\Prison Tycoon 4
2014-02-04 01:13:31 ----D---- C:\rsit
2014-02-04 01:13:31 ----D---- C:\Program Files\trend micro
2014-02-02 23:08:42 ----D---- C:\Documents and Settings\Klif\Data aplikací\Runscanner.net
2014-02-02 22:46:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2014-02-02 22:46:04 ----D---- C:\Program Files\IObit Unlocker
2014-02-01 15:24:14 ----D---- C:\Documents and Settings\Klif\Data aplikací\thecleaner
2014-02-01 15:22:39 ----D---- C:\Program Files\The Cleaner
2014-01-31 21:41:03 ----A---- C:\WINDOWS\zip.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\SWSC.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\SWREG.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\sed.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\PEV.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\NIRCMD.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\MBR.exe
2014-01-31 21:41:03 ----A---- C:\WINDOWS\grep.exe
2014-01-31 21:39:49 ----D---- C:\Qoobox
2014-01-31 21:39:21 ----D---- C:\WINDOWS\erdnt
2014-01-24 00:24:40 ----D---- C:\Documents and Settings\Klif\Data aplikací\NVIDIA
2014-01-24 00:20:16 ----D---- C:\Program Files\DVDVideoSoft
2014-01-24 00:20:16 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2014-01-24 00:20:16 ----D---- C:\Documents and Settings\Klif\Data aplikací\DVDVideoSoft
2014-01-24 00:10:24 ----D---- C:\Documents and Settings\Klif\Data aplikací\FreeVideoConverter
2014-01-24 00:10:04 ----D---- C:\Program Files\Free Video Converter
2014-01-20 03:13:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Gemfor
2014-01-20 02:54:38 ----A---- C:\WINDOWS\system32\javaws.exe
2014-01-20 02:54:31 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-20 02:54:31 ----A---- C:\WINDOWS\system32\javaw.exe
2014-01-20 02:54:31 ----A---- C:\WINDOWS\system32\java.exe
2014-01-19 16:03:49 ----D---- C:\Documents and Settings\Klif\Data aplikací\.minecraft

======List of files/folders modified in the last 1 month======

2014-02-16 20:14:58 ----D---- C:\WINDOWS\Prefetch
2014-02-16 16:33:23 ----D---- C:\WINDOWS\system32\drivers
2014-02-16 16:01:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-02-16 16:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-02-16 03:27:30 ----D---- C:\WINDOWS
2014-02-16 03:27:04 ----D---- C:\WINDOWS\system32
2014-02-16 03:26:07 ----D---- C:\WINDOWS\system32\CatRoot2
2014-02-16 03:14:48 ----RSD---- C:\WINDOWS\assembly
2014-02-16 03:11:47 ----D---- C:\WINDOWS\Microsoft.NET
2014-02-16 03:10:48 ----HD---- C:\WINDOWS\inf
2014-02-16 03:10:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-02-16 03:10:38 ----SHD---- C:\WINDOWS\Installer
2014-02-16 03:09:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-16 03:08:43 ----D---- C:\WINDOWS\WinSxS
2014-02-16 03:04:17 ----D---- C:\WINDOWS\system32\MRT
2014-02-16 03:04:05 ----A---- C:\WINDOWS\system32\MRT.exe
2014-02-16 03:03:59 ----A---- C:\WINDOWS\imsins.BAK
2014-02-16 03:03:56 ----D---- C:\Program Files\Internet Explorer
2014-02-16 03:03:47 ----D---- C:\WINDOWS\ie8updates
2014-02-16 00:08:25 ----RD---- C:\Program Files
2014-02-15 23:52:36 ----D---- C:\Program Files\KMPlayer
2014-02-15 23:18:38 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-15 23:18:26 ----D---- C:\WINDOWS\ime
2014-02-15 12:40:46 ----A---- C:\WINDOWS\system.ini
2014-02-15 12:38:53 ----D---- C:\WINDOWS\AppPatch
2014-02-15 12:38:51 ----D---- C:\Program Files\Common Files
2014-02-15 10:42:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2014-02-11 10:15:20 ----D---- C:\Documents and Settings\Klif\Data aplikací\FileZilla
2014-02-10 22:32:03 ----D---- C:\WINDOWS\Help
2014-02-09 10:46:29 ----SHD---- C:\System Volume Information
2014-02-08 16:28:03 ----D---- C:\Documents and Settings
2014-02-08 13:09:03 ----D---- C:\Documents and Settings\Klif\Data aplikací\Skype
2014-02-08 10:03:27 ----D---- C:\WINDOWS\system32\drivers\etc
2014-02-08 09:58:49 ----D---- C:\WINDOWS\system32\config
2014-02-07 09:54:34 ----D---- C:\WINDOWS\system32\DirectX
2014-02-07 09:52:47 ----HD---- C:\Program Files\InstallShield Installation Information
2014-02-07 08:11:37 ----D---- C:\WINDOWS\Minidump
2014-02-06 04:38:36 ----A---- C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\url.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\occache.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08:34 ----A---- C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08:33 ----A---- C:\WINDOWS\system32\corpol.dll
2014-02-05 23:24:06 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-02-05 00:28:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 00:24:27 ----D---- C:\Program Files\Opera
2014-02-04 18:57:34 ----D---- C:\Program Files\ATnotes
2014-01-31 22:22:22 ----SD---- C:\WINDOWS\Tasks
2014-01-24 18:31:41 ----D---- C:\Documents and Settings\Klif\Data aplikací\Adobe
2014-01-24 00:11:23 ----A---- C:\WINDOWS\win.ini
2014-01-20 18:49:59 ----A---- C:\WINDOWS\php.ini
2014-01-20 17:52:38 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2014-01-20 02:54:31 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-01-03 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-01-05 180248]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-01-03 243128]
R1 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2014-01-03 5620440]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-04-08 12501600]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2010-11-29 35712]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2014-01-03 1691480]
S3 catchme;catchme; \??\C:\DOCUME~1\Klif\LOCALS~1\Temp\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys []
S3 huawei_cdcecm;huawei_cdcecm; C:\WINDOWS\system32\DRIVERS\ew_jucdcecm.sys []
S3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys []
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\WINDOWS\system32\DRIVERS\ew_juextctrl.sys []
S3 IObitUnlocker;IObitUnlocker; \??\C:\Program Files\IObit Unlocker\IObitUnlocker.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2014-01-03 1395800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apache2.2;Apache2.2; C:\AppServ\Apache2.2\bin\httpd.exe [2008-01-17 24635]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST\AvastSvc.exe [2014-01-05 50344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 mysql;mysql; C:\AppServ\MySQL\bin\mysqld-nt --defaults-file=C:\AppServ\MySQL\my.ini mysql []
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-04-07 155752]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-03 116648]
S2 moohelp;The Cleaner Helper Service; C:\Program Files\The Cleaner\mhelper.exe [2013-11-24 816208]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-03 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help with removing a virus

#34 Post by Márty84 »

I see you've already switched to normal mode :?: Are any problems showing up?

:!: If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the items (put check marks there) Pro všechny uživatele (For all users), Kontrola na havěť "LOP" ("LOP" check) and Kontrola na havěť "Purity" ("Purity" check)
Paste the following text into the bottom window

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Scan)
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Klif
Visitor
Posts: 28
Registered: 04 Feb 2014 01:10

Re: Please help with removing a virus

#35 Post by Klif »

Oh dear, the normal mode didn't occur to me at all; when those programs restarted my computer, I preferred not to interfere with them, and they started it in normal mode... so now I'm back in safe mode again...
Otherwise I haven't noticed any problems like before - neither new files nor processes from the virus have appeared. Only the sound doesn't work and the graphics are acting up a bit (for example, when scrolling down in a longer file, it sort of stutters and scrolls terribly slowly; this has happened to me once before and I think it was because a driver was missing), but I'm not dealing with that for now, and MBAM kept blocking some incoming web pages even when I didn't have any browser open at all, which maybe it does normally.

I ran the OTL scan, but I'll first have to forward it somewhere else and copy it there, because copying half of a long file with the graphics acting up would take half a day :-D

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help with removing a virus

#36 Post by Márty84 »

The fact that the virus hasn't shown itself so far is a good sign :) Hopefully it stays that way.
But what MBAM was blocking is not normal; well, it does happen, but it shouldn't. Something is still trying to get in. Either the virus is there and is trying to download more friends, or it's simply just a coincidence :?:
As for the graphics, later have a look in Device Manager to see whether there is a question mark or an exclamation mark next to it.

We'll see what OTL shows. But in a moment I'm leaving for the afternoon shift at work, so I'll look at the log in the evening or tomorrow, depending on how I manage.

Klif
Visitor
Posts: 28
Registered: 04 Feb 2014 01:10

Re: Please help with removing a virus

#37 Post by Klif »

OTL.exe :

OTL logfile created on: 17.2.2014 10:04:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Klif\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 63,78% Memory free
3,85 Gb Paging File | 3,25 Gb Available in Paging File | 84,28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 410,74 Gb Free Space | 44,09% Space Free | Partition Type: NTFS
Drive D: | 931,50 Gb Total Space | 52,21 Gb Free Space | 5,61% Space Free | Partition Type: NTFS

Computer Name: KLIFIK | User Name: Klif | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.02.17 10:02:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klif\Plocha\OTL.exe
PRC - [2014.02.15 10:50:18 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.02.02 00:42:39 | 000,866,632 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014.02.15 10:50:18 | 003,578,992 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014.02.05 00:28:20 | 016,287,624 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2014.02.02 00:42:37 | 013,616,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
MOD - [2014.02.02 00:42:37 | 000,399,688 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014.02.02 00:42:35 | 004,055,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014.02.02 00:41:43 | 001,634,632 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013.12.04 21:23:49 | 000,348,160 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.04.14 08:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014.02.15 10:50:18 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.05 00:28:20 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.01.05 02:09:35 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\AVAST\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.11.24 13:46:30 | 000,816,208 | ---- | M] (MooSoft Development LLC) [Auto | Stopped] -- C:\Program Files\The Cleaner\mhelper.exe -- (moohelp)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011.04.08 06:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2008.04.17 13:13:44 | 005,750,784 | ---- | M] () [Auto | Stopped] -- C:\AppServ\MySQL\bin\mysqld-nt.exe -- (mysql)
SRV - [2008.01.17 18:37:26 | 000,024,635 | ---- | M] (Apache Software Foundation) [Auto | Stopped] -- C:\AppServ\Apache2.2\bin\httpd.exe -- (Apache2.2)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_juextctrl.sys -- (huawei_ext_ctrl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcecm.sys -- (huawei_cdcecm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Klif\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2014.02.16 16:32:51 | 000,052,312 | ---- | M] (Malwarebytes Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2014.01.05 02:09:38 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.01.05 02:09:38 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014.01.05 02:09:38 | 000,180,248 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.01.05 02:09:38 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.01.05 02:09:38 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014.01.05 02:09:38 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014.01.03 19:14:31 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2014.01.03 14:09:29 | 000,049,944 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.01.03 14:05:40 | 005,620,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2014.01.03 14:05:39 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2014.01.03 14:05:37 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.03.09 11:27:44 | 000,026,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\IObit Unlocker\IObitUnlocker.sys -- (IObitUnlocker)
DRV - [2010.11.29 04:50:36 | 000,035,712 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2001.08.17 21:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {44475ACF-AC79-4352-B49B-5C569BA1927D}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{44475ACF-AC79-4352-B49B-5C569BA1927D}: "URL" = http://google.com/search?q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1614895754-287218729-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1614895754-287218729-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1614895754-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.5
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST\WebRep\FF [2014.01.05 02:09:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

[2014.01.03 19:01:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Klif\Data aplikací\Mozilla\Extensions
[2014.01.04 19:12:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions
[2014.01.04 19:12:40 | 000,000,000 | ---D | M] (BS Player ControlBar) -- C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2014.01.03 19:08:13 | 001,360,435 | ---- | M] () (No name found) -- C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
[2014.02.15 10:50:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.02.15 10:50:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KLIF\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\C3QUZLCH.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI
[2014.01.05 02:09:39 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Adblock for Facebook \u2122 = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc\0.0.7_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.02.08 15:43:08 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Web Accessibility Toolbar) - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files\Accessibility_Toolbar\Accessibility_Toolbar.dll (NILS Accessible Information Solutions)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1614895754-287218729-725345543-1004\..\Toolbar\WebBrowser: (Web Accessibility Toolbar) - {11352A67-0178-46B1-8855-D50B2F81C054} - C:\Program Files\Accessibility_Toolbar\Accessibility_Toolbar.dll (NILS Accessible Information Solutions)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKU\S-1-5-21-1614895754-287218729-725345543-1004..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-1614895754-287218729-725345543-1004..\Run: [tcactive] C:\Program Files\The Cleaner\tcap.exe (MooSoft Development LLC)
O4 - Startup: C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk = File not found
O4 - Startup: C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-287218729-725345543-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 1
O7 - HKU\S-1-5-21-1614895754-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF83C10C-EBC6-4DBA-ADCB-DAA8874D84CC}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.01.03 13:39:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011.04.25 20:25:29 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.02.17 10:02:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Klif\Plocha\OTL.exe
[2014.02.16 16:33:23 | 000,107,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014.02.16 16:33:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
[2014.02.16 03:01:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.02.15 14:42:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\Malwarebytes
[2014.02.15 12:41:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.02.15 10:50:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014.02.09 08:53:14 | 000,052,312 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014.02.09 08:53:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\mbar
[2014.02.09 08:52:14 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Documents and Settings\Klif\Plocha\mbar-1.07.0.1009.exe
[2014.02.08 16:32:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.02.08 16:32:04 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.02.08 16:32:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.02.08 11:28:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\RK_Quarantine
[2014.02.08 09:36:11 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.02.08 09:29:47 | 005,183,211 | R--- | C] (Swearware) -- C:\Documents and Settings\Klif\Plocha\ComboFix.exe
[2014.02.08 06:08:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.02.07 09:55:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\ValuSoft
[2014.02.07 09:55:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Prison Tycoon 4 CZ
[2014.02.07 09:54:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2014.02.07 09:54:32 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2014.02.07 09:54:32 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2014.02.07 09:54:32 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2014.02.07 09:54:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2014.02.07 09:54:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2014.02.07 09:54:31 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2014.02.07 09:54:30 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2014.02.07 09:54:29 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2014.02.07 09:54:29 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2014.02.07 09:54:29 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2014.02.07 09:54:29 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2014.02.07 09:54:28 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2014.02.07 09:54:27 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2014.02.07 09:54:26 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2014.02.07 09:54:26 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2014.02.07 09:54:25 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2014.02.07 09:53:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Prison Tycoon 4
[2014.02.07 09:52:51 | 000,000,000 | ---D | C] -- C:\Program Files\Prison Tycoon 4
[2014.02.05 23:42:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Sun
[2014.02.04 01:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.04 01:13:31 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.03 11:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\rkill
[2014.02.02 23:08:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\Runscanner.net
[2014.02.02 22:46:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2014.02.02 22:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Unlocker
[2014.02.02 22:46:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\IObit Unlocker
[2014.02.01 15:24:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\thecleaner
[2014.02.01 15:24:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\The Cleaner
[2014.02.01 15:22:39 | 000,000,000 | ---D | C] -- C:\Program Files\The Cleaner
[2014.01.31 21:41:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.01.31 21:41:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.01.31 21:41:03 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.01.31 21:41:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.01.31 21:39:49 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.31 21:39:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Nástroje pro správu
[2014.01.31 21:39:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Klif\Dokumenty\Filmy
[2014.01.31 21:39:37 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Dokumenty\Filmy
[2014.01.31 21:39:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.01.24 00:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\1_24_2014(12_26_47 AM)
[2014.01.24 00:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\1_24_2014(12_25_56 AM)
[2014.01.24 00:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\1_24_2014(12_25_37 AM)
[2014.01.24 00:25:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\1_24_2014(12_25_12 AM)
[2014.01.24 00:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\NVIDIA
[2014.01.24 00:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Plocha\1_24_2014(12_24_40 AM)
[2014.01.24 00:21:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\.android
[2014.01.24 00:21:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\cache
[2014.01.24 00:21:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\genienext
[2014.01.24 00:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie
[2014.01.24 00:21:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Dokumenty\Mobogenie
[2014.01.24 00:21:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Dokumenty\My Videos
[2014.01.24 00:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoSoft
[2014.01.24 00:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2014.01.24 00:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2014.01.24 00:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\DVDVideoSoft
[2014.01.24 00:10:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Free Video Converter
[2014.01.24 00:10:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\FreeVideoConverter
[2014.01.24 00:10:04 | 000,000,000 | ---D | C] -- C:\Program Files\Free Video Converter
[2014.01.20 03:13:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Gemfor
[2014.01.20 02:54:38 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014.01.20 02:54:38 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014.01.20 02:54:31 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014.01.20 02:54:31 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014.01.20 02:54:31 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014.01.20 02:54:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
[2014.01.19 16:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Klif\Data aplikací\.minecraft
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.02.17 10:05:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.17 10:02:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Klif\Plocha\OTL.exe
[2014.02.17 10:01:22 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.02.17 10:00:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.02.17 01:28:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.02.17 01:13:40 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.17 00:13:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.16 16:33:23 | 000,107,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2014.02.16 16:32:51 | 000,052,312 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2014.02.16 16:08:00 | 000,000,334 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.02.16 03:09:07 | 000,435,682 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.02.16 03:09:07 | 000,432,426 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.02.16 03:09:07 | 000,079,484 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.02.16 03:09:07 | 000,068,578 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.02.16 03:03:59 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.02.16 02:00:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KLIFIK-Klif.job
[2014.02.15 23:55:54 | 000,002,000 | ---- | M] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\SRDownloader.nast
[2014.02.15 23:55:49 | 000,001,128 | ---- | M] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\SRDownloader.err
[2014.02.15 14:42:45 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.02.15 10:28:52 | 005,183,211 | R--- | M] (Swearware) -- C:\Documents and Settings\Klif\Plocha\ComboFix.exe
[2014.02.14 10:47:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.02.10 12:37:22 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk
[2014.02.09 10:38:15 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk
[2014.02.09 08:52:18 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Documents and Settings\Klif\Plocha\mbar-1.07.0.1009.exe
[2014.02.08 22:13:33 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\ch1.bmp
[2014.02.08 15:43:08 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.02.08 11:27:51 | 003,809,792 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\RogueKiller.exe
[2014.02.07 09:53:49 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Prison Tycoon 4.lnk
[2014.02.06 07:09:50 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 7.bmp
[2014.02.06 07:06:28 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 6.bmp
[2014.02.06 07:02:02 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 5.bmp
[2014.02.06 04:38:36 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2014.02.06 00:08:34 | 006,021,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014.02.06 00:08:34 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2014.02.06 00:08:34 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2014.02.06 00:08:34 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2014.02.06 00:08:34 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2014.02.06 00:08:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2014.02.06 00:08:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2014.02.06 00:08:34 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2014.02.06 00:08:34 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2014.02.06 00:08:34 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2014.02.06 00:08:34 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2014.02.06 00:08:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2014.02.06 00:08:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2014.02.06 00:08:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2014.02.06 00:08:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2014.02.06 00:08:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2014.02.06 00:08:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2014.02.06 00:08:33 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2014.02.06 00:08:33 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2014.02.06 00:08:33 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2014.02.06 00:08:33 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2014.02.06 00:08:33 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2014.02.06 00:08:33 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2014.02.06 00:08:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2014.02.06 00:08:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2014.02.06 00:08:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2014.02.06 00:08:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2014.02.06 00:08:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2014.02.06 00:08:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2014.02.05 23:24:06 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2014.02.05 23:24:06 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2014.02.05 23:24:05 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2014.02.05 20:26:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.02.05 00:28:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.02.05 00:28:20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014.02.04 16:12:59 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\winscp.rnd
[2014.02.04 08:00:47 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 3.bmp
[2014.02.04 08:00:35 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 4.bmp
[2014.02.03 23:05:22 | 000,001,480 | ---- | M] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\Adobe Uložit pro web 12.0 Prefs
[2014.02.03 22:01:00 | 000,136,403 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\zvyraznene_menu.psd
[2014.02.03 14:32:53 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 1.bmp
[2014.02.02 22:35:04 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 2.bmp
[2014.01.28 06:30:26 | 000,074,240 | ---- | M] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.01.24 23:50:00 | 000,086,760 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\kontaktni_udaje.jpg
[2014.01.24 22:24:00 | 000,104,825 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\bratislava.jpg
[2014.01.24 20:00:38 | 000,009,042 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\trnava_min.jpg
[2014.01.24 19:59:42 | 000,012,227 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\olomouc_min.jpg
[2014.01.24 19:58:41 | 000,176,635 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\olomouc.jpg
[2014.01.24 19:58:18 | 000,012,218 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\pardubice_min.jpg
[2014.01.24 19:57:24 | 000,142,130 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\pardubice.jpg
[2014.01.24 19:57:14 | 000,143,731 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\trencin.jpg
[2014.01.24 19:56:57 | 000,013,145 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\trencin_min.jpg
[2014.01.24 19:55:00 | 000,099,772 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Trenčín.jpg
[2014.01.24 19:55:00 | 000,093,271 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Pardubice2.jpg
[2014.01.24 19:55:00 | 000,074,606 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\trnava.jpg
[2014.01.24 19:07:00 | 000,137,914 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\olomouc.png
[2014.01.24 19:05:14 | 000,011,149 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\istropolis_min.jpg
[2014.01.24 19:03:46 | 000,047,696 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\istropolis.jpg
[2014.01.24 00:20:50 | 000,001,967 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Free Video to Flash Converter.lnk
[2014.01.24 00:20:49 | 000,000,892 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DVDVideoSoft Free Studio.lnk
[2014.01.24 00:12:06 | 002,648,977 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\mesice.flv
[2014.01.24 00:10:27 | 000,000,816 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Free Video Converter.lnk
[2014.01.24 00:08:00 | 000,687,760 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\mesice.wmv
[2014.01.20 18:49:59 | 000,043,559 | ---- | M] () -- C:\WINDOWS\php.ini
[2014.01.20 00:41:00 | 000,000,936 | ---- | M] () -- C:\Documents and Settings\Klif\Plocha\Minecraft.lnk
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.02.17 10:05:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.15 10:23:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.02.10 12:37:22 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk
[2014.02.09 10:38:15 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk
[2014.02.08 22:13:33 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\ch1.bmp
[2014.02.08 16:32:06 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.02.08 11:27:48 | 003,809,792 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\RogueKiller.exe
[2014.02.07 09:53:49 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Prison Tycoon 4.lnk
[2014.02.06 07:09:50 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 7.bmp
[2014.02.06 07:06:28 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 6.bmp
[2014.02.06 07:02:02 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 5.bmp
[2014.02.04 08:00:47 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 3.bmp
[2014.02.04 08:00:35 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 4.bmp
[2014.02.03 22:01:00 | 000,136,403 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\zvyraznene_menu.psd
[2014.02.03 14:32:53 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 1.bmp
[2014.02.02 22:35:04 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Nepojmenovaný 2.bmp
[2014.01.31 21:41:03 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.01.31 21:41:03 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.01.31 21:41:03 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.01.31 21:41:03 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.01.31 21:41:03 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014.01.24 23:50:00 | 000,086,760 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\kontaktni_udaje.jpg
[2014.01.24 22:24:00 | 000,104,825 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\bratislava.jpg
[2014.01.24 20:00:38 | 000,009,042 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\trnava_min.jpg
[2014.01.24 19:59:42 | 000,012,227 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\olomouc_min.jpg
[2014.01.24 19:58:17 | 000,012,218 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\pardubice_min.jpg
[2014.01.24 19:57:24 | 000,142,130 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\pardubice.jpg
[2014.01.24 19:57:14 | 000,143,731 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\trencin.jpg
[2014.01.24 19:56:57 | 000,013,145 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\trencin_min.jpg
[2014.01.24 19:55:00 | 000,176,635 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\olomouc.jpg
[2014.01.24 19:55:00 | 000,099,772 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Trenčín.jpg
[2014.01.24 19:55:00 | 000,093,271 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Pardubice2.jpg
[2014.01.24 19:55:00 | 000,074,606 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\trnava.jpg
[2014.01.24 19:07:00 | 000,137,914 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\olomouc.png
[2014.01.24 19:05:14 | 000,011,149 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\istropolis_min.jpg
[2014.01.24 19:03:46 | 000,047,696 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\istropolis.jpg
[2014.01.24 00:20:49 | 000,001,967 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Free Video to Flash Converter.lnk
[2014.01.24 00:20:49 | 000,000,892 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DVDVideoSoft Free Studio.lnk
[2014.01.24 00:12:01 | 002,648,977 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\mesice.flv
[2014.01.24 00:10:31 | 000,000,850 | ---- | C] () -- C:\Documents and Settings\Klif\Nabídka Start\Programy\Free Video Converter.lnk
[2014.01.24 00:10:27 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Free Video Converter.lnk
[2014.01.24 00:08:00 | 000,687,760 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\mesice.wmv
[2014.01.20 00:41:00 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\Klif\Plocha\Minecraft.lnk
[2014.01.17 21:09:25 | 000,001,480 | ---- | C] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\Adobe Uložit pro web 12.0 Prefs
[2014.01.05 14:14:26 | 000,000,042 | ---- | C] () -- C:\WINDOWS\XMLSchemaValidator.INI
[2014.01.04 13:52:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2014.01.04 13:52:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2014.01.04 05:26:18 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.01.04 03:59:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2014.01.04 00:53:38 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Klif\Data aplikací\winscp.rnd
[2014.01.04 00:49:49 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2014.01.04 00:49:48 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2014.01.04 00:46:01 | 000,000,149 | ---- | C] () -- C:\WINDOWS\iexplore.ini
[2014.01.03 23:18:34 | 000,000,161 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2014.01.03 22:29:23 | 000,001,128 | ---- | C] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\SRDownloader.err
[2014.01.03 19:34:01 | 000,002,000 | ---- | C] () -- C:\Documents and Settings\Klif\Local Settings\Data aplikací\SRDownloader.nast
[2014.01.03 18:41:31 | 000,259,604 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2014.01.03 18:41:31 | 000,259,604 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2014.01.03 18:41:31 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2014.01.03 18:41:24 | 002,116,894 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2014.01.03 15:08:08 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2014.01.03 14:09:32 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014.01.03 14:09:32 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2014.01.03 14:05:59 | 000,026,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2014.01.03 13:48:47 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2014.01.03 13:47:43 | 003,605,264 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.01.03 13:41:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2014.01.03 13:37:19 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2014.01.03 13:51:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.01.04 00:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AIS
[2014.01.04 00:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2014.01.03 14:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.01.04 23:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2014.01.20 03:13:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Gemfor
[2014.02.02 22:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2014.01.04 00:35:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2014.01.15 19:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
[2014.01.23 01:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\.minecraft
[2014.01.04 00:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Ashampoo
[2014.01.03 14:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\AVAST Software
[2014.01.04 05:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\BSplayer
[2014.01.04 01:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\BSplayer Pro
[2014.01.04 23:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\DAEMON Tools Lite
[2014.01.24 00:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\DVDVideoSoft
[2014.02.11 10:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\FileZilla
[2014.01.24 00:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\FreeVideoConverter
[2014.01.04 13:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\GHISLER
[2014.01.04 01:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\ICQ-Profile
[2014.01.04 00:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\ICQM
[2014.01.04 01:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Nico Mak Computing
[2014.01.04 01:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\OpenOffice
[2014.01.04 13:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Opera Software
[2014.02.02 23:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Runscanner.net
[2014.02.01 20:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\thecleaner
[2014.01.04 13:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Thunderbird
[2014.02.07 09:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\ValuSoft

========== Purity Check ==========



========== Custom Scans ==========

< >
[2014.01.03 13:38:01 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2014.01.03 13:42:27 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014.01.03 14:09:38 | 000,000,334 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2014.01.03 18:57:05 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014.01.03 18:57:05 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014.01.03 19:28:25 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.01.04 00:40:43 | 000,000,340 | ---- | C] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-KLIFIK-Klif.job
[2014.01.04 02:08:03 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

< >

< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

Klif
Visitor
Posts: 28
Registered: 04 Feb 2014 01:10

Re: Please help with removing a virus

#38 Post by Klif »

< >

< %systemroot%*.* /U /s >
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.23 01:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\.minecraft
[2014.01.24 18:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Adobe
[2014.01.04 02:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Apple Computer
[2014.01.04 00:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Ashampoo
[2014.01.03 14:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\AVAST Software
[2014.01.04 05:59:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\BSplayer
[2014.01.04 01:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\BSplayer Pro
[2014.01.04 23:38:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\DAEMON Tools Lite
[2014.01.24 00:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\DVDVideoSoft
[2014.02.11 10:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\FileZilla
[2014.01.24 00:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\FreeVideoConverter
[2014.01.04 13:37:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\GHISLER
[2014.01.04 01:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\ICQ-Profile
[2014.01.04 00:35:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\ICQM
[2014.01.03 13:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Identities
[2014.01.03 19:52:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Macromedia
[2014.02.15 14:42:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Malwarebytes
[2014.01.04 19:04:52 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Klif\Data aplikací\Microsoft
[2014.01.03 19:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Mozilla
[2014.01.04 01:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Nico Mak Computing
[2014.01.24 00:24:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\NVIDIA
[2014.01.04 01:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\OpenOffice
[2014.01.04 13:29:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Opera Software
[2014.01.04 00:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\PSpad
[2014.02.02 23:11:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Runscanner.net
[2014.02.08 13:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Skype
[2014.01.04 13:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Sun
[2014.02.01 20:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\thecleaner
[2014.01.04 13:24:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\Thunderbird
[2014.02.07 09:55:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\ValuSoft
[2014.01.03 19:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Klif\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2014.01.04 00:35:06 | 033,664,344 | ---- | M] (ICQ) -- C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe
[2014.01.04 00:35:08 | 039,431,496 | ---- | M] (ICQ) -- C:\Documents and Settings\Klif\Data aplikací\ICQM\icqsetup.exe
[2014.01.04 00:35:06 | 004,739,616 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\ICQM\ICQ\dll\mailrusputnik.exe
[2014.01.07 00:43:56 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Klif\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014.02.03 15:23:58 | 000,157,184 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\Runscanner.net\VirusTotalUpload.exe
[2014.01.20 02:53:40 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Klif\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2014.01.03 13:46:50 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2014.01.03 13:46:50 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2014.01.03 13:46:50 | 000,475,136 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2014.02.16 16:32:51 | 000,052,312 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamchameleon.sys
[2014.02.16 16:33:23 | 000,107,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

< %systemroot%\system32\*.* /3 >
[2014.02.17 10:01:22 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2014.02.16 03:04:05 | 085,946,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2014.02.16 03:09:07 | 000,079,484 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2014.02.16 03:09:07 | 000,068,578 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2014.02.16 03:09:07 | 000,432,426 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2014.02.16 03:09:07 | 000,435,682 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2014.02.16 03:09:07 | 000,987,422 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2014.02.14 10:47:37 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Rainlendar2" = C:\Program Files\Rainlendar2\Rainlendar2.exe -- [2011.02.04 14:24:32 | 002,346,496 | ---- | M] ()
"tcactive" = C:\Program Files\The Cleaner\tcap.exe -- [2013.11.24 13:46:24 | 006,152,272 | ---- | M] (MooSoft Development LLC)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 08:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.17 10:05:14 | 000,000,512 | ---- | M] () MD5=C8503BAEC789112CBB0A6281064500D1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2009.07.15 21:40:14 | 000,109,307 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\crack-harry-potter.rar
[2012.07.23 07:44:06 | 001,349,159 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Hospital Tycoon\Hospital Tycoon Crack.rar
[2003.08.19 12:47:14 | 000,011,141 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Scooby Doo a strašlivý kamenný drak\HD\Case File #2\scripts\FireCrackerClues.inc
[2004.11.26 12:50:07 | 000,002,032 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Scooby Doo a strašlivý kamenný drak\HD\Case File #2\scripts\SC4FireCrackerClues.xml
[2007.03.08 14:36:14 | 000,014,807 | ---- | M] () -- \Program Files\Hospital Tycoon\GameData\Sounds\CRACKER.ogg
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Program Files\Rockstar Games\GTA San Andreas\data\Decision\Craig\crack1.ped

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2007.09.20 11:46:30 | 000,002,084 | ---- | M] () -- \AppServ\www\_vzor\php\js\greybox\loader_frame.html
[2013.08.01 14:39:48 | 000,002,188 | ---- | M] () -- \AppServ\www\aldea\old\js\greybox\loader_frame.html
[2010.12.27 20:56:28 | 000,002,188 | ---- | M] () -- \AppServ\www\aldea\old\old-localhost\js\greybox\loader_frame.html
[2009.12.02 15:54:14 | 000,006,305 | ---- | M] () -- \AppServ\www\aldea\web\admin\php\tiny_mce\plugins\ccSimpleUploader\uploader.php
[2009.12.02 11:44:54 | 000,000,671 | ---- | M] () -- \AppServ\www\aldea\web\admin\php\tiny_mce\plugins\ccSimpleUploader\img\ccSimpleUploader.png
[2010.12.27 21:45:14 | 000,002,188 | ---- | M] () -- \AppServ\www\aldea\web\js\greybox\loader_frame.html
[2013.08.26 10:57:46 | 000,006,305 | ---- | M] () -- \AppServ\www\aldea\zalohy\admin\php\tiny_mce\plugins\ccSimpleUploader\uploader.php
[2013.08.26 10:57:48 | 000,000,671 | ---- | M] () -- \AppServ\www\aldea\zalohy\admin\php\tiny_mce\plugins\ccSimpleUploader\img\ccSimpleUploader.png
[2013.08.26 10:57:16 | 000,002,188 | ---- | M] () -- \AppServ\www\aldea\zalohy\js\greybox\loader_frame.html
[2010.12.27 22:06:52 | 000,002,188 | ---- | M] () -- \AppServ\www\daniken\web.bak\js\greybox\loader_frame.html
[2014.01.15 19:32:55 | 000,002,188 | ---- | M] () -- \AppServ\www\daniken\web\js\greybox\loader_frame.html
[2012.04.02 11:04:42 | 000,011,671 | ---- | M] () -- \AppServ\www\old\drosera\novera-city.cz\fw_symfony\symfony\config\sfLoader.class.php
[2012.09.20 13:00:55 | 000,011,718 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\_symfony\lib\config\sfLoader.class.php
[2012.09.20 13:00:55 | 000,009,427 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\web\images\backoffice\ajax-loader.gif
[2012.09.20 12:57:33 | 000,005,616 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\list_new\admin\FCKeditor\editor\_source\fckscriptloader.js
[2012.09.20 12:57:33 | 000,001,776 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\list_new\admin\FCKeditor\editor\_source\classes\fckimagepreloader.js
[2012.09.20 12:57:33 | 000,005,616 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\list_new\phplist-2.10.10\public_html\lists\admin\FCKeditor\editor\_source\fckscriptloader.js
[2012.09.20 12:57:33 | 000,001,776 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\list_new\phplist-2.10.10\public_html\lists\admin\FCKeditor\editor\_source\classes\fckimagepreloader.js
[2012.05.21 19:53:06 | 000,011,718 | ---- | M] () -- \AppServ\www\old\drosera\symfony1\symfony\config\sfLoader.class.php
[2011.08.11 15:00:35 | 000,041,279 | ---- | M] () -- \AppServ\www\old\fresh-services\abrapap\beta\admin\js\fileuploader.js
[2011.08.11 15:00:36 | 000,006,110 | ---- | M] () -- \AppServ\www\old\fresh-services\abrapap\beta\admin\require\qqFileUploader.php
[2011.08.11 15:00:36 | 000,001,701 | ---- | M] () -- \AppServ\www\old\fresh-services\abrapap\beta\admin\styl\fileuploader.css
[2011.10.26 03:34:58 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\ceskeslevy\web\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.10.26 03:35:46 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\ceskeslevy\web\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.04.24 17:14:39 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\cool-zlavy\beta\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.04.24 17:14:42 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\cool-zlavy\beta\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2012.06.12 12:35:28 | 000,004,131 | ---- | M] () -- \AppServ\www\old\fresh-services\git\admin\js\ckfinder\plugins\flashupload\Uploader.html
[2012.06.12 12:35:28 | 000,260,340 | ---- | M] () -- \AppServ\www\old\fresh-services\git\admin\js\ckfinder\plugins\flashupload\flash\Uploader.swf
[2011.11.05 18:52:03 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\intertip\www\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.11.05 18:52:21 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\intertip\www\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2012.01.03 07:00:54 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\lavinaslev\www\admin\fckeditor\editor\_source\fckscriptloader.js
[2012.01.03 07:00:55 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\lavinaslev\www\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2009.05.18 00:53:45 | 000,005,616 | ---- | M] () -- \AppServ\www\old\fresh-services\levnaholka\web\baharis\fckeditor\editor\_source\fckscriptloader.js
[2009.05.18 00:53:39 | 000,001,776 | ---- | M] () -- \AppServ\www\old\fresh-services\levnaholka\web\baharis\fckeditor\editor\_source\classes\fckimagepreloader.js
[2010.03.18 14:42:56 | 000,002,084 | ---- | M] () -- \AppServ\www\old\fresh-services\levnaholka\web\baharis\greybox\loader_frame.html
[2011.05.23 18:50:00 | 000,002,084 | ---- | M] () -- \AppServ\www\old\fresh-services\levnaholka\web\html\greybox\loader_frame.html
[2011.05.23 18:50:00 | 000,012,288 | ---- | M] () -- \AppServ\www\old\fresh-services\levnaholka\web\html\greybox\.DAV\loader_frame.html
[2011.07.14 15:57:02 | 000,035,968 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\beta\wp-includes\script-loader.php
[2011.07.14 15:57:02 | 000,001,940 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\beta\wp-includes\template-loader.php
[2011.07.14 15:57:02 | 000,035,968 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web2\wp-includes\script-loader.php
[2011.07.14 15:57:02 | 000,001,940 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web2\wp-includes\template-loader.php
[2011.07.14 15:57:02 | 000,035,968 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web3\wp-includes\script-loader.php
[2011.07.14 15:57:02 | 000,001,940 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web3\wp-includes\template-loader.php
[2011.07.14 15:57:02 | 000,035,968 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web-ftp\www\beta\wp-includes\script-loader.php
[2011.07.14 15:57:02 | 000,001,940 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web-ftp\www\beta\wp-includes\template-loader.php
[2011.05.30 12:51:32 | 000,035,175 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\wp-includes\script-loader.php
[2011.05.30 12:51:34 | 000,001,893 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\wp-includes\template-loader.php
[2011.09.12 14:35:44 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\pribramske-slevy\web\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.09.12 14:36:32 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\pribramske-slevy\web\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.09.29 08:47:59 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\republika-slev\beta\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.09.29 08:48:03 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\republika-slev\beta\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2010.01.26 06:10:00 | 000,004,050 | ---- | M] () -- \AppServ\www\old\fresh-services\sexescortguilde\web3\libraries\loader.php
[2007.08.30 17:19:00 | 000,000,584 | ---- | M] () -- \AppServ\www\old\fresh-services\sexescortguilde\web3\media\system\images\mootree_loader.gif
[2008.08.21 02:09:00 | 000,008,747 | ---- | M] () -- \AppServ\www\old\fresh-services\sexescortguilde\web3\media\system\js\uploader.js
[2007.07.16 10:15:00 | 000,001,615 | ---- | M] () -- \AppServ\www\old\fresh-services\sexescortguilde\web3\media\system\swf\uploader.swf
[2011.07.11 18:19:10 | 000,035,727 | ---- | M] () -- \AppServ\www\old\fresh-services\seyinvest\beta\wp-includes\script-loader.php
[2010.04.28 06:48:10 | 000,001,893 | ---- | M] () -- \AppServ\www\old\fresh-services\seyinvest\beta\wp-includes\template-loader.php
[2011.06.11 16:24:38 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\slevazaslevou\www\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.06.11 16:24:42 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\slevazaslevou\www\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.06.10 21:10:49 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\slevolver\beta\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.06.10 21:11:16 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\slevolver\beta\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.08.10 11:23:40 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\slevy-trinec\slevy\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.08.10 11:24:03 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\slevy-trinec\slevy\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.05.22 11:37:00 | 000,005,477 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.05.22 11:38:00 | 000,001,708 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.05.22 11:37:00 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\beta\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.05.22 11:38:00 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\beta\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2012.01.03 02:29:19 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\svadobnezlavy\www\admin\fckeditor\editor\_source\fckscriptloader.js
[2012.01.03 02:29:20 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\svadobnezlavy\www\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.09.08 13:48:07 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\svetlavetme\beta\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.09.08 13:48:12 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\svetlavetme\beta\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.08.13 20:44:26 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.08.13 20:45:16 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.10.01 16:13:53 | 000,004,131 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin\js\ckfinder\plugins\flashupload\Uploader.html
[2011.10.01 16:14:32 | 000,260,340 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin\js\ckfinder\plugins\flashupload\flash\Uploader.swf
[2012.05.14 17:10:37 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\vjjeci\beta\admin\fckeditor\editor\_source\fckscriptloader.js
[2012.05.14 17:10:38 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\vjjeci\beta\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2011.02.27 09:47:16 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\vykupslevu\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.02.27 09:47:36 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\vykupslevu\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2007.12.09 19:08:12 | 000,000,673 | ---- | M] () -- \AppServ\www\old\fresh-services\wellnessclub\web\sites\all\modules\devel\loader-little.gif
[2009.04.16 22:13:48 | 000,003,494 | ---- | M] () -- \AppServ\www\old\fresh-services\wellnessclub\web\sites\all\modules\jquery_ui\jquery.ui\demos\functional\images\ajax-loader.gif
[2009.04.16 22:13:48 | 000,004,782 | ---- | M] () -- \AppServ\www\old\fresh-services\wellnessclub\web\sites\all\modules\jquery_ui\jquery.ui\demos\real-world\layout\loader.gif
[2009.04.16 22:13:48 | 000,000,317 | ---- | M] () -- \AppServ\www\old\fresh-services\wellnessclub\web\sites\all\modules\jquery_ui\jquery.ui\demos\real-world\layout\loader_bg.gif
[2011.05.13 14:59:57 | 000,005,602 | ---- | M] () -- \AppServ\www\old\fresh-services\zlavazlava\www\admin\fckeditor\editor\_source\fckscriptloader.js
[2011.05.13 15:00:19 | 000,001,774 | ---- | M] () -- \AppServ\www\old\fresh-services\zlavazlava\www\admin\fckeditor\editor\_source\classes\fckimagepreloader.js
[2010.12.27 21:45:13 | 000,002,188 | ---- | M] () -- \AppServ\www\old\petr\interaktivni-ucebny\web\js\greybox\loader_frame.html
[2013.05.20 12:27:12 | 000,002,700 | ---- | M] () -- \AppServ\www\old\petr\profilampy.sk\classes\PHPExcel\Autoloader.php
[2010.12.27 22:40:18 | 000,002,188 | ---- | M] () -- \AppServ\www\old\petr\projektmedia\web\js\greybox\loader_frame.html
[2013.02.05 11:18:14 | 000,006,611 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\leaflet\admin\assets\js\of-medialibrary-uploader.js
[2013.02.05 11:18:14 | 000,006,472 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\leaflet\admin\functions\functions.mediauploader.php
[2013.02.05 11:18:14 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\leaflet\admin\js\aq-medialibrary-uploader.js
[2013.02.05 11:18:14 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\leaflet\admin\js\of-medialibrary-uploader.js
[2013.02.06 14:27:50 | 000,001,849 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\leaflet\images\loader.gif
[2013.03.22 23:36:34 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-content\themes\leaflet\admin\assets\js\of-medialibrary-uploader.js
[2013.03.22 23:36:38 | 000,006,472 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-content\themes\leaflet\admin\functions\functions.mediauploader.php
[2013.03.22 23:36:39 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-content\themes\leaflet\admin\js\aq-medialibrary-uploader.js
[2013.03.22 23:36:39 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-content\themes\leaflet\admin\js\of-medialibrary-uploader.js
[2013.03.22 23:36:43 | 000,001,849 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-content\themes\leaflet\images\loader.gif
[2013.03.22 23:38:14 | 000,042,202 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\script-loader.php
[2013.03.22 23:38:14 | 000,002,109 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\template-loader.php
[2013.03.22 23:38:22 | 000,003,915 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\images\uploader-icons-2x.png
[2013.03.22 23:38:22 | 000,001,593 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\images\uploader-icons.png
[2013.03.22 23:38:26 | 000,004,408 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\js\customize-loader.js
[2013.03.22 23:38:26 | 000,002,642 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\js\customize-loader.min.js
[2013.01.23 21:04:46 | 000,041,330 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\script-loader.php
[2012.10.31 23:01:14 | 000,002,060 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\template-loader.php
[2012.11.30 02:18:08 | 000,003,915 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\images\uploader-icons-2x.png
[2012.11.30 02:18:08 | 000,001,593 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\images\uploader-icons.png
[2012.11.21 22:31:56 | 000,004,244 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\js\customize-loader.js
[2012.11.21 22:31:56 | 000,002,642 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\js\customize-loader.min.js
[2013.03.28 13:16:03 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-content\themes\leaflet\admin\assets\js\of-medialibrary-uploader.js
[2013.03.28 13:16:06 | 000,006,472 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-content\themes\leaflet\admin\functions\functions.mediauploader.php
[2013.03.28 13:16:07 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-content\themes\leaflet\admin\js\aq-medialibrary-uploader.js
[2013.03.28 13:16:07 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-content\themes\leaflet\admin\js\of-medialibrary-uploader.js
[2013.03.28 13:16:12 | 000,001,849 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-content\themes\leaflet\images\loader.gif
[2013.03.28 13:18:08 | 000,042,202 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\script-loader.php
[2013.03.28 13:18:08 | 000,002,109 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\template-loader.php
[2013.03.28 13:18:14 | 000,003,915 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\images\uploader-icons-2x.png
[2013.03.28 13:18:14 | 000,001,593 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\images\uploader-icons.png
[2013.03.28 13:18:17 | 000,004,408 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\js\customize-loader.js
[2013.03.28 13:18:17 | 000,002,642 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\js\customize-loader.min.js
[2013.03.28 13:30:21 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-content\themes\leaflet\admin\assets\js\of-medialibrary-uploader.js
[2013.03.28 13:30:26 | 000,006,472 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-content\themes\leaflet\admin\functions\functions.mediauploader.php
[2013.03.28 13:30:27 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-content\themes\leaflet\admin\js\aq-medialibrary-uploader.js
[2013.03.28 13:30:27 | 000,006,778 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-content\themes\leaflet\admin\js\of-medialibrary-uploader.js
[2013.03.28 13:30:33 | 000,001,849 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-content\themes\leaflet\images\loader.gif
[2013.03.28 13:31:13 | 000,042,202 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\script-loader.php
[2013.03.28 13:31:12 | 000,002,109 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\template-loader.php
[2013.03.28 13:31:24 | 000,003,915 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\images\uploader-icons-2x.png
[2013.03.28 13:31:23 | 000,001,593 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\images\uploader-icons.png
[2013.03.28 13:31:27 | 000,004,408 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\js\customize-loader.js
[2013.03.28 13:31:27 | 000,002,642 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\js\customize-loader.min.js
[2010.05.16 17:10:46 | 004,615,552 | ---- | M] () -- \AppServ\www\ostatní\MultipleUploader.rar
[2013.11.11 14:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.11.11 14:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 14:39:40 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2014.01.03 19:32:28 | 000,000,779 | ---- | M] () -- \Documents and Settings\Klif\Data aplikací\Microsoft\Internet Explorer\Quick Launch\SRDownloader.lnk
[2014.01.04 19:12:24 | 000,000,847 | ---- | M] () -- \Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\img\ajax-loader.gif
[2014.01.04 19:12:21 | 000,001,135 | ---- | M] () -- \Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\img\loader-icon.png
[2014.01.04 19:12:21 | 000,003,208 | ---- | M] () -- \Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gf\img\loader.gif
[2009.10.18 03:16:20 | 000,020,992 | ---- | M] () -- \Documents and Settings\Klif\Dokumenty\zálohy\programy\Outlook\maily\backup-jednotlive18.9.2009\ostatni\ShareRapid Downloader.msg
[2014.02.15 23:55:49 | 000,001,128 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\SRDownloader.err
[2014.02.15 23:55:54 | 000,002,000 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\SRDownloader.nast
[2014.01.29 19:13:44 | 000,003,208 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\skin\ajax-loader.gif
[2014.01.27 07:54:38 | 000,002,545 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif
[2014.01.27 07:54:38 | 000,002,545 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif
[2014.01.27 07:54:38 | 000,006,331 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif
[2014.01.27 07:54:39 | 000,002,545 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif
[2014.01.27 07:54:39 | 000,002,545 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif
[2014.01.27 07:54:39 | 000,002,545 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Data aplikací\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif
[2014.01.04 18:19:59 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\09EB8P2R\AdLoader[1].htm
[2014.01.04 00:19:22 | 000,001,174 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\09EB8P2R\downloader[1].js
[2014.02.08 06:04:05 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\8WEHS4PG\AdLoader[1].htm
[2014.02.01 14:39:10 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\JOLW86JB\AdLoader[2].htm
[2014.02.03 13:44:12 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\NWI3G990\AdLoader[1].htm
[2014.02.03 13:51:54 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\NWI3G990\AdLoader[2].htm
[2014.02.07 22:24:01 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\NWI3G990\AdLoader[3].htm
[2014.02.07 22:27:52 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\NWI3G990\AdLoader[4].htm
[2014.02.07 22:33:07 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\NWI3G990\AdLoader[5].htm
[2014.02.02 08:26:55 | 000,111,438 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\OF65VQYE\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014.02.02 23:01:25 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\OF65VQYE\AdLoader[1].htm
[2014.02.04 10:38:58 | 000,001,537 | ---- | M] () -- \Documents and Settings\Klif\Local Settings\Temporary Internet Files\Content.IE5\OF65VQYE\AdLoader[3].htm
[2011.10.12 08:17:10 | 2658,238,463 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Heroes of Might and Magic IV\Might.and.Magic.Heroes.VI.CZ-SKIDROW.by.Delfin.of.PowerUploaders.iso
[2011.09.21 12:23:20 | 000,235,032 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Heroes of Might and Magic IV\soubory hmmIV\ubiorbitapi_r2_loader.dll
[2009.06.28 21:16:32 | 002,172,400 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\BackgroundDownloader.exe
[2010.10.27 10:28:20 | 003,075,979 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\WoW-3.3.5.12340-x86-Win-enGB-BKGND-downloader.exe
[2009.04.08 15:25:02 | 000,003,026 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2009.04.08 15:25:02 | 000,004,261 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010.06.23 06:31:59 | 000,019,577 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Logs\Downloader.log
[2013.11.19 21:21:26 | 000,905,728 | ---- | M] () -- \Documents and Settings\Klif\Plocha\programy\share-rapid manager\SRDownloader.exe
[2011.06.09 23:52:42 | 005,299,048 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\KMPlayer\ImLoader.dll
[2009.05.31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014.01.04 01:33:20 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice 4\program\javaloader.uno.dll
[2013.09.17 04:57:36 | 000,005,813 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.py
[2014.01.04 01:33:20 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.dll
[2013.09.20 13:57:06 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice 4\program\pythonloader.uno.ini
[2013.09.20 13:39:02 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice 4\program\classes\unoloader.jar
[2013.09.16 22:10:56 | 000,013,420 | ---- | M] () -- \Program Files\OpenOffice 4\program\python-core-2.7.5\lib\unittest\loader.py
[2013.11.19 21:21:26 | 000,905,728 | ---- | M] () -- \Program Files\share-rapid manager\SRDownloader.exe
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >
[2013.02.23 10:53:55 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\bazenek\web\apps\backoffice\modules\catalog\validate\editNode.yml
[2013.02.23 10:53:55 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\bazenek\web\apps\backoffice\modules\pages\validate\editNode.yml
[2013.01.05 13:31:37 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\jiloviste_cz\apps\backoffice\modules\pages\validate\editNode.yml
[2012.09.20 13:00:45 | 000,000,161 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\apps\backoffice\modules\catalog\validate\editNode.yml
[2012.09.20 13:00:45 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\apps\backoffice\modules\dms\validate\editNode.yml
[2012.09.20 13:00:45 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\apps\backoffice\modules\gallery\validate\editNode.yml
[2012.09.20 13:00:45 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\apps\backoffice\modules\pages\validate\editNode.yml
[2012.09.20 13:00:45 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\promatpraha2\web\new\intranet\apps\backoffice\modules\pko_protocols\validate\editNode.yml
[2013.02.08 18:15:43 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcom3\backoffice\modules\catalog\validate\editNode.yml
[2013.02.08 18:15:43 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcom3\backoffice\modules\pages\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\backoffice\modules\catalog\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\backoffice\modules\pages\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\catalog\validate\editNode.yml
[2013.03.26 14:19:21 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\pages\backoffice\modules\catalog\validate\editNode.yml
[2013.03.26 14:20:27 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\pages\backoffice\modules\pages\validate\editNode.yml
[2013.03.26 14:21:06 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\pages\catalog\validate\editNode.yml
[2013.03.26 14:24:37 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\pages\satcom\apps\backoffice\modules\catalog\validate\editNode.yml
[2013.03.26 14:26:07 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\pages\satcom\apps\backoffice\modules\pages\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\satcom\apps\backoffice\modules\catalog\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\satcom\apps\backoffice\modules\pages\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\satcom2\apps\backoffice\modules\catalog\validate\editNode.yml
[2013.03.22 17:40:18 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\satcom2\apps\backoffice\modules\pages\validate\editNode.yml
[2013.02.08 18:15:43 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\web\apps\backoffice\modules\catalog\validate\editNode.yml
[2013.02.08 18:15:43 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\web\apps\backoffice\modules\pages\validate\editNode.yml
[2013.02.09 12:00:17 | 000,000,614 | ---- | M] () -- \AppServ\www\old\drosera\satcomnew\web\cache\backoffice\prod\config\modules_pages_validate_editNode.yml.php
[2012.02.03 20:13:59 | 000,000,614 | ---- | M] () -- \AppServ\www\old\drosera\silku\cache\_backoffice\prod\config\modules_catalog_validate_editNode.yml.php
[2013.03.12 13:35:32 | 000,000,614 | ---- | M] () -- \AppServ\www\old\drosera\silku\cache\backoffice\prod\config\modules_catalog_validate_editNode.yml.php
[2013.03.20 16:53:03 | 000,000,614 | ---- | M] () -- \AppServ\www\old\drosera\silku\cache\backoffice\prod\config\modules_pages_validate_editNode.yml.php
[2011.09.13 15:21:17 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\silku\xxx\apps\backoffice\modules\catalog\validate\editNode.yml
[2011.09.13 15:21:30 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\silku\xxx\apps\backoffice\modules\pages\validate\editNode.yml
[2013.01.29 16:46:55 | 000,000,162 | ---- | M] () -- \AppServ\www\old\drosera\volby-online_cz\apps\backoffice\modules\pages\validate\editNode.yml

< *AutoKMS* /s >
[2014.01.03 23:18:34 | 000,000,161 | ---- | M] () -- \WINDOWS\AutoKMS.ini
[5 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]

< *activator* /s >

< *serial* /s >
[2011.08.13 15:20:51 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\abrapap\beta\admin\require\PHPExcel\Reader\Serialized.php
[2011.08.13 15:21:04 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\abrapap\beta\admin\require\PHPExcel\Writer\Serialized.php
[2011.10.26 03:35:11 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\ceskeslevy\web\admin\require\PHPExcel\Reader\Serialized.php
[2011.10.26 03:35:35 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\ceskeslevy\web\admin\require\PHPExcel\Writer\Serialized.php
[2011.04.24 17:14:58 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\cool-zlavy\beta\admin\require\PHPExcel\Reader\Serialized.php
[2011.04.24 17:15:10 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\cool-zlavy\beta\admin\require\PHPExcel\Writer\Serialized.php
[2012.06.12 12:35:24 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\git\_AdminsCommon\require\PHPExcel\Reader\Serialized.php
[2012.06.12 12:35:25 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\git\_AdminsCommon\require\PHPExcel\Writer\Serialized.php
[2011.11.05 18:52:16 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\intertip\www\admin\require\PHPExcel\Reader\Serialized.php
[2011.11.05 18:52:20 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\intertip\www\admin\require\PHPExcel\Writer\Serialized.php
[2012.01.03 07:01:11 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\lavinaslev\www\admin\require\PHPExcel\Reader\Serialized.php
[2012.01.03 07:01:22 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\lavinaslev\www\admin\require\PHPExcel\Writer\Serialized.php
[2011.07.14 15:57:32 | 000,000,814 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\beta\wp-includes\js\jquery\jquery.serialize-object.js
[2011.07.14 15:57:32 | 000,000,814 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web2\wp-includes\js\jquery\jquery.serialize-object.js
[2011.07.14 15:57:32 | 000,000,814 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web3\wp-includes\js\jquery\jquery.serialize-object.js
[2011.07.14 15:57:32 | 000,000,814 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\web-ftp\www\beta\wp-includes\js\jquery\jquery.serialize-object.js
[2011.01.20 23:09:38 | 000,000,783 | ---- | M] () -- \AppServ\www\old\fresh-services\linda\web\wp-includes\js\jquery\jquery.serialize-object.js
[2011.09.12 14:35:56 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\pribramske-slevy\web\admin\require\PHPExcel\Reader\Serialized.php
[2011.09.12 14:36:20 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\pribramske-slevy\web\admin\require\PHPExcel\Writer\Serialized.php
[2011.09.29 08:49:12 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\republika-slev\beta\admin\require\PHPExcel\Reader\Serialized.php
[2011.09.29 08:52:07 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\republika-slev\beta\admin\require\PHPExcel\Writer\Serialized.php
[2011.09.29 08:53:20 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\republika-slev\beta\admin_firmy\require\PHPExcel\Reader\Serialized.php
[2011.09.29 08:56:09 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\republika-slev\beta\admin_firmy\require\PHPExcel\Writer\Serialized.php
[2011.01.20 22:09:38 | 000,000,783 | ---- | M] () -- \AppServ\www\old\fresh-services\seyinvest\beta\wp-includes\js\jquery\jquery.serialize-object.js
[2011.06.11 16:26:06 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\slevazaslevou\www\admin\require\PHPExcel\Reader\Serialized.php
[2011.06.11 16:29:33 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\slevazaslevou\www\admin\require\PHPExcel\Writer\Serialized.php
[2011.08.05 13:10:23 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\slevazaslevou\www\admin_firmy\require\PHPExcel\Reader\Serialized.php
[2011.08.05 13:10:28 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\slevazaslevou\www\admin_firmy\require\PHPExcel\Writer\Serialized.php
[2011.06.10 21:11:08 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\slevolver\beta\admin\require\PHPExcel\Reader\Serialized.php
[2011.06.10 21:11:14 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\slevolver\beta\admin\require\PHPExcel\Writer\Serialized.php
[2011.08.10 11:23:58 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\slevy-trinec\slevy\admin\require\PHPExcel\Reader\Serialized.php
[2011.08.10 11:24:01 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\slevy-trinec\slevy\admin\require\PHPExcel\Writer\Serialized.php
[2011.05.22 11:37:00 | 000,003,986 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\admin\require\PHPExcel\Reader\Serialized.php
[2011.05.22 11:38:00 | 000,005,955 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\admin\require\PHPExcel\Writer\Serialized.php
[2011.05.22 11:37:00 | 000,003,986 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\beta\admin\require\PHPExcel\Reader\Serialized.php
[2011.05.22 11:38:00 | 000,005,955 | ---- | M] () -- \AppServ\www\old\fresh-services\smszlava\web\beta\admin\require\PHPExcel\Writer\Serialized.php
[2012.01.03 02:29:37 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\svadobnezlavy\www\admin\require\PHPExcel\Reader\Serialized.php
[2012.01.03 02:29:47 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\svadobnezlavy\www\admin\require\PHPExcel\Writer\Serialized.php
[2011.09.08 13:49:41 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\svetlavetme\beta\admin\require\PHPExcel\Reader\Serialized.php
[2011.09.08 13:52:21 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\svetlavetme\beta\admin\require\PHPExcel\Writer\Serialized.php
[2011.09.08 13:53:51 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\svetlavetme\beta\admin_firmy\require\PHPExcel\Reader\Serialized.php
[2011.09.08 13:56:34 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\svetlavetme\beta\admin_firmy\require\PHPExcel\Writer\Serialized.php
[2011.09.01 14:17:09 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin\require\PHPExcel\Reader\Serialized.php
[2011.09.01 14:17:13 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin\require\PHPExcel\Writer\Serialized.php
[2011.08.13 20:46:53 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin_firmy\require\PHPExcel\Reader\Serialized.php
[2011.08.13 20:47:01 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\traveldiscount\www\admin_firmy\require\PHPExcel\Writer\Serialized.php
[2012.05.14 17:10:18 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\vjjeci\beta\_AdminsCommon\require\PHPExcel\Reader\Serialized.php
[2012.05.14 17:10:30 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\vjjeci\beta\_AdminsCommon\require\PHPExcel\Writer\Serialized.php
[2011.02.27 09:47:28 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\vykupslevu\admin\require\PHPExcel\Reader\Serialized.php
[2011.02.27 09:47:34 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\vykupslevu\admin\require\PHPExcel\Writer\Serialized.php
[2011.05.26 15:30:52 | 000,004,119 | ---- | M] () -- \AppServ\www\old\fresh-services\zlavazlava\www\admin\require\PHPExcel\Reader\Serialized.php
[2011.05.26 15:30:58 | 000,006,163 | ---- | M] () -- \AppServ\www\old\fresh-services\zlavazlava\www\admin\require\PHPExcel\Writer\Serialized.php
[2013.05.20 12:27:12 | 000,004,010 | ---- | M] () -- \AppServ\www\old\petr\profilampy.sk\classes\PHPExcel\CachedObjectStorage\MemorySerialized.php
[2013.03.22 23:38:27 | 000,000,814 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\rz\wp-includes\js\jquery\jquery.serialize-object.js
[2011.01.20 23:09:38 | 000,000,783 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\wp-includes\js\jquery\jquery.serialize-object.js
[2013.03.28 13:18:18 | 000,000,814 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\rozkvetlazahrada\wp-includes\js\jquery\jquery.serialize-object.js
[2013.03.28 13:31:28 | 000,000,814 | ---- | M] () -- \AppServ\www\old\rozkvetlazahrada\zahra\wp-includes\js\jquery\jquery.serialize-object.js
[2010.08.14 16:46:10 | 000,009,066 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Interface\Addons\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.08.14 16:46:10 | 000,000,219 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Interface\Addons\AtlasLoot\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.10.05 09:01:18 | 000,009,066 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Interface\Addons\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010.10.05 09:01:18 | 000,000,219 | ---- | M] () -- \Documents and Settings\Klif\Plocha\hry\Wow\wow\Interface\Addons\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2010.01.04 14:57:41 | 000,000,246 | ---- | M] () -- \Documents and Settings\Klif\Plocha\programy\Photoshop CS3\serial.txt
[2009.01.04 11:12:28 | 000,000,080 | ---- | M] () -- \Documents and Settings\Klif\Plocha\programy\TuneUp 2009\old\serial key.txt
[2011.05.13 21:22:55 | 000,000,157 | ---- | M] () -- \Documents and Settings\Klif\Plocha\programy\TuneUp 2009\TUNEUP 2009CZ\serial key.txt
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.03.02 13:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2014.02.16 03:08:47 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.01.05 01:01:41 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.16 03:13:48 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.16 03:07:31 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 07:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

Klif
Visitor
Posts: 28
Joined: 04 Feb 2014 01:10

Re: Please help with removing a virus

#39 Post by Klif »

And it wasn't OTL.exe but OTL.txt, of course, I'm getting muddled :-D

Klif
Visitor
Posts: 28
Joined: 04 Feb 2014 01:10

Re: Please help with removing a virus

#40 Post by Klif »

And here is Extras.txt:

OTL Extras logfile created on: 17.2.2014 10:04:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Klif\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 63,78% Memory free
3,85 Gb Paging File | 3,25 Gb Available in Paging File | 84,28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 410,74 Gb Free Space | 44,09% Space Free | Partition Type: NTFS
Drive D: | 931,50 Gb Total Space | 52,21 Gb Free Space | 5,61% Space Free | Partition Type: NTFS

Computer Name: KLIFIK | User Name: Klif | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = OperaStable] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1614895754-287218729-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\QIP Infium\infium.exe" = C:\Program Files\QIP Infium\infium.exe:*:Enabled:QIP Infium -- ()
"C:\AppServ\Apache2.2\bin\httpd.exe" = C:\AppServ\Apache2.2\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe" = C:\Documents and Settings\Klif\Data aplikací\ICQM\icq.exe:*:Enabled:ICQ -- (ICQ)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{13088D41-3475-A25E-BE76-5B4D36939498}" = AMD Catalyst Install Manager
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{220C463A-2890-4C7F-B97C-C49FE175B849}" = OpenOffice 4.0.1
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 51
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{48413BF3-5934-4ED3-8F1B-49D250BBF5AC}" = Prison Tycoon 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{91B1F7B1-9721-D228-F591-2C2A4695302C}" = Catalyst Control Center InstallProxy
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Accessibility Toolbar_is1" = Web Accessibility Toolbar 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AppServ" = AppServ 2.5.10 (remove only)
"Ashampoo Burning Studio 2009_is1" = Ashampoo Burning Studio 2009
"ATnotes_is1" = ATnotes Version 9.5
"Avast" = avast! Free Antivirus
"BSPlayerf" = BS.Player FREE
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"FileZilla Client" = FileZilla Client 3.7.3
"Free Video Converter_is1" = Free Video Converter V 3.2
"Free Video to Flash Converter_is1" = Free Video to Flash Converter version 5.0.32.1230
"Google Chrome" = Google Chrome
"HospitalTycoon" = Hospital Tycoon
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ie8" = Windows Internet Explorer 8
"iecollection_is1" = Internet Explorer Collection 1.5.0.0
"IObit Unlocker_is1" = IObit Unlocker
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 27.0.1 (x86 cs)" = Mozilla Firefox 27.0.1 (x86 cs)
"Mozilla Thunderbird 24.2.0 (x86 en-US)" = Mozilla Thunderbird 24.2.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Office14.SingleImage" = Microsoft Office Professional 2010
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"Opera 19.0.1326.59" = Opera Stable 19.0.1326.59
"Peggle Nights Deluxe 1.0" = Peggle Nights Deluxe 1.0
"PhotoFiltre" = PhotoFiltre
"PSPad editor_is1" = PSPad editor
"Rainlendar2" = Rainlendar2 (remove only)
"The Cleaner_is1" = The Cleaner version 9
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VobSub" = VobSub v2.23 (Remove Only)
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 5.01 (32-bit)
"winscp3_is1" = WinSCP 4.3.9
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1614895754-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ICQ" = ICQ 8.2 (verze 6901)
"Prison Tycoon 4 CZ v1.1" = Prison Tycoon 4 CZ v1.1
"QIP Infium" = QIP Infium 3.0.9040

Klif
Visitor
Posts: 28
Joined: 04 Feb 2014 01:10

Re: Please help with removing a virus

#41 Post by Klif »

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.2.2014 21:17:45 | Computer Name = KLIFIK | Source = Application Error | ID = 1000
Description = Chybující aplikace rainlendar2.exe, verze 2.8.1.0, chybující modul
lua51.dll, verze 0.0.0.0, adresa chyby 0x00001910.

Error - 15.2.2014 18:50:02 | Computer Name = KLIFIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.6.6.1075, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.2.2014 18:51:56 | Computer Name = KLIFIK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace bsplayer.exe, verze 2.6.6.1075, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 15.2.2014 16:44:38 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 15.2.2014 16:44:40 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 15.2.2014 16:44:41 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 15.2.2014 18:17:39 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 17.2.2014 5:00:55 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 17.2.2014 5:02:00 | Computer Name = KLIFIK | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: aswRvrt aswSnx aswSP aswTdi aswVmm Fips mbamchameleon Processor

Error - 17.2.2014 5:04:47 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 17.2.2014 5:04:49 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 17.2.2014 5:04:51 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}

Error - 17.2.2014 5:04:52 | Computer Name = KLIFIK | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby MSIServer
s argumenty za účelem spuštění serveru: {000C101C-0000-0000-C000-000000000046}


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help with removing a virus

#42 Post by Márty84 »

:arrow: Tell me the size of this directory: C:\Documents and Settings\Klif\Plocha


:!: If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the option Open normally
:arrow: Run OTL again
Paste the following text into the bottom window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
gupdate
moohelp
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KLIFIK-Klif.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk
C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {44475ACF-AC79-4352-B49B-5C569BA1927D}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{44475ACF-AC79-4352-B49B-5C569BA1927D}: "URL" = http://google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1614895754-287218729-725345543-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1614895754-287218729-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[2014.01.04 19:12:40 | 000,000,000 | ---D | M] (BS Player ControlBar) -- C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
O4 - Startup: C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk = File not found
O4 - Startup: C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk = File not found
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11352A67-0178-46B1-8855-D50B2F81C054}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"tcactive"=-
Click "Opravit" (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Klif
Visitor
Posts: 28
Registered: 04 Feb 2014 01:10

Re: Please help with removing a virus

#43 Post by Klif »

So C:\Documents and Settings\Klif\Plocha is 381 GB, is that even possible? I only have a few icons there...

Otherwise, I ran OTL the way I was supposed to, but when I went back into safe mode after the restart, no log appeared, and it is not on the desktop either :-( Can I find it somewhere?

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Please help with removing a virus

#44 Post by Márty84 »

Klif wrote: Otherwise, I ran OTL the way I was supposed to, but when I went back into safe mode after the restart, no log appeared, and it is not on the desktop either :-( Can I find it somewhere?
C:\_OTL\MovedFiles\xxxxxxxx_xxxxxx (in place of the x's there will be digits representing the date and time of the run)

Klif wrote: So C:\Documents and Settings\Klif\Plocha is 381 GB, is that even possible? I only have a few icons there...
And aren't there some folders there as well? Otherwise the desktop should not be more than 200-300 MB! :)

Klif
Visitor
Posts: 28
Registered: 04 Feb 2014 01:10

Re: Please help with removing a virus

#45 Post by Klif »

Oh dear, what a scatterbrain I am, of course there are folders there :-) It was not that long ago that I reinstalled the computer, and some of the folders I then copied back onto it are still sitting on the desktop. And rather large ones at that, so it adds up :-)

And here is the OTL log:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 19736103 bytes
->Flash cache emptied: 57472 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes

User: Klif
->Temp folder emptied: 2323887 bytes
->Temporary Internet Files folder emptied: 30672133 bytes
->FireFox cache emptied: 36979601 bytes
->Google Chrome cache emptied: 393373903 bytes
->Apple Safari cache emptied: 60416 bytes
->Flash cache emptied: 64573 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 818588 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 35252 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148726 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 317791 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 42150344 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 504,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Klif
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Unable to start System Restore Service. Error code 10
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service moohelp stopped successfully!
Service moohelp deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KLIFIK-Klif.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Plugins folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\modules folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\lib folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\mam folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\mam\content folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\mam folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\sl folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\lib\jquery.jscrollpane folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\lib\jquery.alerts\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\lib\jquery.alerts folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\lib folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\core folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\WEATHER\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\WEATHER\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\WEATHER folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\TWITTER\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\TWITTER\img folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\TWITTER folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\view\style\rsx folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\view\style folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\view\script folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\view folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\resources folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\Css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH\buildSettings folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\SEARCH folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\RADIO_PLAYER\js\resources folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\RADIO_PLAYER\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\RADIO_PLAYER\css\custom-theme folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\RADIO_PLAYER\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\RADIO_PLAYER folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\PRICE_GONG\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\PRICE_GONG\css\custom-theme folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\PRICE_GONG\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\PRICE_GONG\agreement folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\PRICE_GONG folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\Optimizer\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\Optimizer folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\NOTIFICATION\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\NOTIFICATION\images\light folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\NOTIFICATION\images\dark folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\NOTIFICATION\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\NOTIFICATION\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\NOTIFICATION folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\MULTI_RSS\js\resources folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\MULTI_RSS\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\MULTI_RSS\img folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\MULTI_RSS\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\MULTI_RSS folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\HIGHLIGHTER\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\HIGHLIGHTER\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\HIGHLIGHTER folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\EMAIL_NOTIFIER\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\EMAIL_NOTIFIER\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\EMAIL_NOTIFIER folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\APPLICATION_BUTTON\resources folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\APPLICATION_BUTTON\Js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa\APPLICATION_BUTTON folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\wa folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\menu\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\menu\img folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\menu\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\menu folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gf\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gf\img folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gf\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gf folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gadgetFrame folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\dlg\ftd\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\dlg\ftd folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\dlg folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\sp\spsd\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\sp\spsd folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\sp\spbd\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\sp\spbd folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\sp\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\sp folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\options\js\resources folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\options\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\options\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\options\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\options folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\msd folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\api folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\res folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\img folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\aboutBox\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\aboutBox\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\aboutBox folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\logic\uninstall\dialog\js folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\logic\uninstall\dialog\images folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\logic\uninstall\dialog\css folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\logic\uninstall\dialog folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\logic\uninstall folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\logic folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559 folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome folder moved successfully.
C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} folder moved successfully.
C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk moved successfully.
C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44475ACF-AC79-4352-B49B-5C569BA1927D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44475ACF-AC79-4352-B49B-5C569BA1927D}\ not found.
HKEY_USERS\S-1-5-21-1614895754-287218729-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1614895754-287218729-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Folder C:\Documents and Settings\Klif\Data aplikací\Mozilla\Firefox\Profiles\c3quzlch.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
File move failed. C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_21936792.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Klif\Nabídka Start\Programy\Po spuštění\_uninst_46936320.lnk scheduled to be moved on reboot.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP163.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP179.tmp\Microsoft.Build.Framework.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP179.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP243.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP260.tmp\System.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP260.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6BE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP909.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9F4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA32.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC7E636D-39AA-49b6-B511-65413DA137A1}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{11352A67-0178-46B1-8855-D50B2F81C054} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11352A67-0178-46B1-8855-D50B2F81C054}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\tcactive deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 02182014_192254

Locked