Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

asi nějaký vir??

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#31 Příspěvek od dapemato »

no jo ten jsem nějak zapomněla :oops:
jinak avast už nic nehlásí, skype i facebook chodí ale pořád nejdou maily na seznamu :-(


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-01-2015 01
Ran by Uživatel at 2015-01-25 19:42:57 Run:1
Running from C:\Documents and Settings\Uživatel\Plocha
Loaded Profiles: Uživatel & UpdatusUser (Available profiles: Uživatel & UpdatusUser)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION ==> Default URLSearchHook is missing.
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

CHR HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - No Path

S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S2 SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys [X]

2015-01-23 16:29 - 2015-01-23 16:39 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
2015-01-23 16:29 - 2015-01-23 16:29 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 16:27 - 2015-01-23 16:27 - 16466552 _____ (Malwarebytes Corp.) C:\Documents and Settings\Uživatel\Plocha\mbar-1.08.3.1004.exe
2015-01-23 16:27 - 2015-01-23 16:27 - 00108632 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-20 20:31 - 2015-01-23 18:20 - 00000863 _____ () C:\DelFix.txt

Hosts:
EmptyTemp:
Reboot:
End


*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Error setting Default URLSearchHook.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
"HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd" => Key deleted successfully.
catchme => Service deleted successfully.
IntelIde => Service deleted successfully.
lmimirr => Service deleted successfully.
SSPORT => Service deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable) => Moved successfully.
C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys => Moved successfully.
C:\Documents and Settings\Uživatel\Plocha\mbar-1.08.3.1004.exe => Moved successfully.
C:\WINDOWS\system32\Drivers\mbamchameleon.sys => Moved successfully.
C:\DelFix.txt => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.7 GB temporary data.


The system needed a reboot.

==== End of Fixlog 19:43:31 ====
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#32 Příspěvek od Márty84 »

:???: Ty maily na seznamu nejdou v zadnem prohlizeci?

:arrow: Zkuste, zda to bude fungovat v nouzovem rezimu s praci v siti.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#33 Příspěvek od dapemato »

Zdravím, tak na Mozille spustit maily jdou ale na Exploreru pořád ne a to jsem ho už i přeinstalovala :(
...tak nevím
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#34 Příspěvek od Márty84 »

A napise to nejakou hlasku?

Zkousela jste to v tom nouzovem rezimu s praci v siti?


:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#35 Příspěvek od dapemato »

naskočí typické okno hned to bude, ale nedopadne to...

co se týče.."Zkousela jste to v tom nouzovem rezimu s praci v siti?" to nevím jak mám udělat :( ...zbytek zařídím odpolko, až budu doma :)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#36 Příspěvek od Márty84 »

:arrow: Do nouzoveho rezimu se dostanete takto:
restartujte pc, mackejte klavesu F8 - pripadne jinou, zalezi na typu stroje - a zvolte moznost nouzovy rezim s praci v siti.
Kdyby to neslo, zde je jiny postup http://forum.viry.cz/viewtopic.php?f=46&t=7554
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#37 Příspěvek od dapemato »

OTL Extras logfile created on: 28.1.2015 18:58:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 59,91% Memory free
4,84 Gb Paging File | 3,66 Gb Available in Paging File | 75,57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 33,46 Gb Free Space | 11,22% Space Free | Partition Type: NTFS

Computer Name: U-398F8DF968D14 | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"443:TCP" = 443:TCP:*:Enabled:War Thunder
"20010:UDP" = 20010:UDP:*:Enabled:War Thunder
"3478:UDP" = 3478:UDP:*:Enabled:War Thunder
"7850:TCP" = 7850:TCP:*:Enabled:War Thunder
"7852:TCP" = 7852:TCP:*:Enabled:War Thunder
"7853:TCP" = 7853:TCP:*:Enabled:War Thunder
"27022:TCP" = 27022:TCP:*:Enabled:War Thunder
"6881:TCP" = 6881:TCP:*:Enabled:War Thunder
"33333:TCP" = 33333:TCP:*:Enabled:War Thunder
"20443:TCP" = 20443:TCP:*:Enabled:War Thunder
"8090:TCP" = 8090:TCP:*:Enabled:War Thunder
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\TopCD\Traktor 3\farm2012.dll" = C:\TopCD\Traktor 3\farm2012.dll:*:Disabled:Agrar Simulator 2011 -- (ActaLogic)
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2045\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2045\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Games\World_of_Tanks\WoTLauncher.exe" = C:\Games\World_of_Tanks\WoTLauncher.exe:*:Enabled:World of Tanks Launcher
"C:\Program Files\Steam\SteamApps\common\Mafia II\pc\mafia2.exe" = C:\Program Files\Steam\SteamApps\common\Mafia II\pc\mafia2.exe:*:Enabled:Mafia II -- (2K Czech)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\TopCD\Traktor 2\game.exe" = C:\TopCD\Traktor 2\game.exe:*:Enabled:GIANTS Game Engine -- (GIANTS Software GmbH)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe" = C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"C:\Games\World_of_Tanks\WorldOfTanks.exe" = C:\Games\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net)
"C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World -- (Electronic Arts)
"C:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe" = C:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\Avatar.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME -- (Ubisoft Entertainment)
"C:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe" = C:\Program Files\Ubisoft\James Cameron's AVATAR - THE GAME\bin\AvatarLauncher.exe:*:Enabled:Updater -- (Ubisoft)
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.2880\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Program Files\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe" = C:\Program Files\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe:*:Enabled:LEGO MARVEL Super Heroes -- (Warner Bros. Interactive Entertainment)
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe" = C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2 -- ()
"C:\Documents and Settings\Uživatel\Data aplikací\uTorrent\utorrent.exe" = C:\Documents and Settings\Uživatel\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe" = C:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Disabled:Crysis2 -- (Crytek GmbH)
"C:\Program Files\Steam\SteamApps\common\MXGP - The Official Motocross Videogame Demo\MXGP.exe" = C:\Program Files\Steam\SteamApps\common\MXGP - The Official Motocross Videogame Demo\MXGP.exe:*:Enabled:MXGP - The Official Motocross Videogame Demo -- (Milestone S.r.l.)
"C:\Program Files\Steam\SteamApps\common\Batman Arkham City Demo\Binaries\Win32\BatmanAC.exe" = C:\Program Files\Steam\SteamApps\common\Batman Arkham City Demo\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City Demo -- (Rocksteady Studios Ltd.)
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" = C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Sony DADC Austria AG)
"C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe" = C:\Program Files\Rockstar Games\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV -- (Take-Two Interactive Software, Inc.)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe" = C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Program Files\Steam\SteamApps\common\Spintires\SpinTires.exe" = C:\Program Files\Steam\SteamApps\common\Spintires\SpinTires.exe:*:Enabled:Spintires -- (Oovee Ltd.)
"C:\Program Files\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe" = C:\Program Files\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe:*:Enabled:Euro Truck Simulator 2 -- (SCS Software)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Program Files\Mozilla Firefox) -- (Mozilla Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{098F0462-A6D9-4FB4-87B0-0F46BF0E7EFB}" = Úžasňákovi
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): THE GAME
"{819A6E18-2533-4434-AB91-E5D95F3549A2}" = WR2 Demo ATS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4E75B8-6788-481D-B8D5-143EF17DC06A}" = LogMeIn Hamachi
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{90F1943D-EA4A-4460-B59F-30023F3BA69A}" = SmarThru 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A12BBE50-840D-4BD0-89D8-585F7C6AA7B4}_is1" = Starsky & Hutch
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.08) - Czech
"{AEDDF5A3-29CE-11D5-A8C2-000102246AAE}" = ubi.com
"{AEF59382-3FF1-4EBF-A93E-CCC474DCEA3F}_is1" = Construction-Simulator 2012 verze 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.23.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DE5ECBF6-8A4A-4855-98D0-D6576145EBFF}" = G-Force
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F77ED0CD-2E5E-4FC7-82E0-BB7D461E739F}" = LibreOffice 4.0.3.3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 16 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"aTube Catcher" = aTube Catcher
"avast" = Avast Free Antivirus
"Defraggler" = Defraggler
"Google Chrome" = Google Chrome
"Historické stroje_is1" = Historické stroje
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"IL-2 Sturmovik" = IL-2 Sturmovik
"InstallShield_{098F0462-A6D9-4FB4-87B0-0F46BF0E7EFB}" = Úžasňákovi
"InstallShield_{819A6E18-2533-4434-AB91-E5D95F3549A2}" = WR2 Demo ATS
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MotoGP2_is1" = MotoGP2
"Mozilla Firefox 35.0.1 (x86 cs)" = Mozilla Firefox 35.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PunkBusterSvc" = PunkBuster Services
"Samsung SCX-4300 Series" = Samsung SCX-4300 Series
"Steam App 200240" = Batman: Arkham City Demo
"Steam App 227300" = Euro Truck Simulator 2
"Steam App 249130" = LEGO MARVEL Super Heroes
"Steam App 263280" = Spintires
"Steam App 286650" = MXGP - The Official Motocross Videogame Demo
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"Totalcmd" = Total Commander (Remove or Repair)
"Traktor 2_is1" = Traktor 2
"Weather1.20_is1" = weather1.20
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZonerPhotoStudio15_EN_is1" = Zoner Photo Studio 15

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27.1.2015 12:24:17 | Computer Name = U-398F8DF968D14 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.1.2015 14:27:25 | Computer Name = U-398F8DF968D14 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WorldOfTanks.exe, verze 0.9.5.0, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 27.1.2015 14:32:12 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:32:12 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:32:13 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:32:13 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:44:57 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:44:57 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:44:57 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 27.1.2015 14:44:57 | Computer Name = U-398F8DF968D14 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

[ System Events ]
Error - 26.1.2015 12:23:09 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 26.1.2015 12:29:44 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 26.1.2015 12:40:22 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 27.1.2015 11:36:06 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 27.1.2015 11:38:05 | Computer Name = U-398F8DF968D14 | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.

Error - 27.1.2015 14:32:16 | Computer Name = U-398F8DF968D14 | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.


Error - 27.1.2015 14:32:21 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 27.1.2015 14:45:10 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 27.1.2015 15:04:13 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20

Error - 28.1.2015 10:04:49 | Computer Name = U-398F8DF968D14 | Source = Service Control Manager | ID = 7000
Description = Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
%%20


< End of report >
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#38 Příspěvek od dapemato »

OTL logfile created on: 28.1.2015 18:58:12 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Uživatel\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 59,91% Memory free
4,84 Gb Paging File | 3,66 Gb Available in Paging File | 75,57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298,08 Gb Total Space | 33,46 Gb Free Space | 11,22% Space Free | Partition Type: NTFS

Computer Name: U-398F8DF968D14 | User Name: Uživatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.01.28 18:57:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
PRC - [2015.01.28 17:38:15 | 000,338,032 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2015.01.27 16:36:32 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.01.23 23:33:46 | 001,530,048 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\bin\steamwebhelper.exe
PRC - [2015.01.23 23:33:44 | 001,942,720 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2015.01.21 18:18:50 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014.12.13 17:01:28 | 003,838,800 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2014.12.13 17:01:08 | 001,895,760 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2014.12.02 20:12:56 | 000,411,920 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
PRC - [2013.03.15 06:47:17 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.12.04 17:20:52 | 000,773,728 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
PRC - [2008.07.16 08:38:34 | 000,536,064 | ---- | M] (weather-life.com) -- C:\Program Files\Weather\weather.exe
PRC - [2008.05.05 10:40:58 | 000,340,029 | ---- | M] () -- C:\Program Files\Weather\usbwr.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2015.01.28 17:38:13 | 003,925,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2015.01.28 15:06:37 | 002,913,280 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15012800\algo.dll
MOD - [2015.01.23 23:34:04 | 002,227,904 | ---- | M] () -- C:\Program Files\Steam\video.dll
MOD - [2015.01.23 23:33:44 | 000,696,512 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.dll
MOD - [2015.01.21 18:18:52 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015.01.16 00:42:26 | 034,641,288 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll
MOD - [2015.01.16 00:42:26 | 001,709,960 | ---- | M] () -- C:\Program Files\Steam\bin\ffmpegsumo.dll
MOD - [2014.12.02 01:29:50 | 005,002,752 | ---- | M] () -- C:\Program Files\Steam\v8.dll
MOD - [2014.12.02 01:29:34 | 001,612,800 | ---- | M] () -- C:\Program Files\Steam\icui18n.dll
MOD - [2014.12.02 01:29:34 | 001,210,368 | ---- | M] () -- C:\Program Files\Steam\icuuc.dll
MOD - [2014.12.01 22:31:16 | 002,396,672 | ---- | M] () -- C:\Program Files\Steam\libavcodec-56.dll
MOD - [2014.12.01 22:31:16 | 000,485,888 | ---- | M] () -- C:\Program Files\Steam\libswscale-3.dll
MOD - [2014.12.01 22:31:16 | 000,479,744 | ---- | M] () -- C:\Program Files\Steam\libavformat-56.dll
MOD - [2014.12.01 22:31:16 | 000,442,880 | ---- | M] () -- C:\Program Files\Steam\libavutil-54.dll
MOD - [2014.12.01 22:31:16 | 000,332,800 | ---- | M] () -- C:\Program Files\Steam\libavresample-2.dll
MOD - [2014.11.11 19:47:56 | 000,774,656 | ---- | M] () -- C:\Program Files\Steam\SDL2.dll
MOD - [2010.10.07 14:53:58 | 001,961,240 | ---- | M] () -- C:\Program Files\Seznam.cz\listicka.dll
MOD - [2010.10.07 14:53:26 | 000,849,176 | ---- | M] () -- C:\Program Files\Seznam.cz\email.3.dll
MOD - [2010.10.07 14:53:10 | 001,164,568 | ---- | M] () -- C:\Program Files\Seznam.cz\core.3.dll
MOD - [2010.10.07 14:53:04 | 000,187,672 | ---- | M] () -- C:\Program Files\Seznam.cz\toolbar\toolbar.dll
MOD - [2009.08.14 10:16:04 | 000,022,723 | ---- | M] () -- C:\WINDOWS\system32\sse1ml3.dll
MOD - [2008.05.05 10:40:58 | 000,340,029 | ---- | M] () -- C:\Program Files\Weather\usbwr.exe
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.08.24 15:14:42 | 000,024,576 | ---- | M] () -- C:\Program Files\Weather\onlywell.dll


========== Services (SafeList) ==========

SRV - [2015.01.28 17:38:13 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.01.21 18:18:50 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.12.13 17:01:08 | 001,895,760 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014.12.11 10:30:48 | 000,315,496 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.02 20:12:56 | 000,411,920 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2013.03.15 06:47:17 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2015.01.21 18:25:26 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2015.01.21 18:25:21 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2015.01.21 18:18:53 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2015.01.21 18:18:53 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2015.01.21 18:18:53 | 000,057,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2015.01.21 18:18:53 | 000,055,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2015.01.21 18:18:53 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2015.01.21 18:18:53 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2013.05.22 17:43:30 | 000,278,984 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2013.05.22 17:43:25 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2013.04.23 08:16:54 | 005,884,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2013.04.23 08:16:52 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2013.04.23 08:16:52 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2013.04.23 08:00:15 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2013.04.23 07:59:32 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2012.12.19 06:41:55 | 000,128,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.04 13:20:10 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2005.09.29 18:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 13:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes,DefaultScope = {6843c611-16a1-4008-9935-abee902b0711}
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{2910A40F-3882-452F-A83F-6892F0A50582}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{6843c611-16a1-4008-9935-abee902b0711}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{69c7e45f-b26d-484e-9531-f4d558bc12d6}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{B28D168B-7E76-4539-906F-8251F9C08F5E}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{cacfcb71-a0e9-4db4-9236-16418456ee16}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=s ... earchTerms}
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{fba920f7-3fdb-4b8f-aadc-d0ff9d6f73ae}: "URL" = http://www.firmy.cz/?q={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1644491937-73586283-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

========== FireFox ==========

FF - prefs.js..browser.search.isUS: false
FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:3.0.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:35.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.01.27 19:31:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 35.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.08.31 08:18:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions
[2013.08.31 08:18:08 | 000,000,000 | ---D | M] (7Go Games) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions\7go@7go.com
[2013.08.31 08:18:50 | 000,000,000 | ---D | M] (Speed Analysis 3) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Extensions\speedanalysis03@SpeedAnalysis.com
[2015.01.27 19:01:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions
[2015.01.27 19:01:18 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2015.01.28 17:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015.01.28 17:38:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.01.28 17:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2015.01.28 17:38:00 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\UĹĽIVATEL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\N3T41V53.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_1\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: No name found = C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2015.01.25 19:43:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1644491937-73586283-682003330-1003..\Run: [cfweatherStation] C:\Program Files\Weather\weather.exe (weather-life.com)
O4 - HKU\S-1-5-21-1644491937-73586283-682003330-1003..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (ZONER software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1644491937-73586283-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O15 - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 6701646765 (WUWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21DDFDED-7FD1-4198-988D-2F0EEF8BBB88}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /M:203cdca2 /dir:C:\Program)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.01.28 18:57:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2015.01.28 17:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2015.01.27 20:01:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2015.01.27 19:43:34 | 000,000,000 | ---D | C] -- C:\flash dokumenty
[2015.01.27 19:42:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie7
[2015.01.27 19:42:17 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
[2015.01.27 19:41:26 | 000,000,000 | ---D | C] -- C:\logs
[2015.01.27 16:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2015.01.25 19:47:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.01.25 19:40:47 | 001,120,768 | ---- | C] (Farbar) -- C:\Documents and Settings\Uživatel\Plocha\FRST.exe
[2015.01.24 21:39:39 | 000,000,000 | ---D | C] -- C:\FRST
[2015.01.24 14:55:06 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2015.01.22 17:12:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2015.01.22 17:09:21 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Nástroje pro správu
[2015.01.22 17:09:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2015.01.21 18:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Data aplikací\AVAST Software
[2015.01.21 18:20:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\jumpshot.com
[2015.01.21 18:18:57 | 000,291,352 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2015.01.21 18:18:52 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2015.01.21 18:17:04 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2015.01.21 18:09:50 | 000,423,784 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2015.01.21 18:09:49 | 000,057,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2015.01.21 18:09:49 | 000,055,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2015.01.21 18:09:48 | 000,787,800 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2015.01.20 20:37:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Uživatel\Recent
[2015.01.18 14:25:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2015.01.17 13:48:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2015.01.15 15:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CenlEdosu
[2015.01.03 12:08:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory
[2015.01.03 12:06:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mozilla
[2015.01.03 12:06:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2013.10.04 15:33:36 | 004,241,280 | ---- | C] (Dll-Files.com ) -- C:\Program Files\dffsetup-d3d11.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.01.28 19:00:31 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.01.28 18:58:48 | 000,027,162 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2015.01.28 18:57:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Uživatel\Plocha\OTL.exe
[2015.01.28 18:19:02 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2015.01.28 15:04:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015.01.27 20:35:10 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2015.01.27 19:26:32 | 000,000,612 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\WorldOfTanks.exe.lnk
[2015.01.27 16:55:18 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2015.01.25 19:47:24 | 002,194,432 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\adwcleaner_4.109.exe
[2015.01.25 19:43:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2015.01.25 19:40:50 | 001,120,768 | ---- | M] (Farbar) -- C:\Documents and Settings\Uživatel\Plocha\FRST.exe
[2015.01.25 13:13:17 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2015.01.25 12:52:40 | 000,056,320 | ---- | M] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015.01.24 21:46:16 | 000,008,595 | ---- | M] () -- C:\Addition.zip
[2015.01.24 21:39:26 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\MSGBOX.EXE
[2015.01.24 21:39:26 | 000,015,327 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\LM.bat
[2015.01.22 17:12:28 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2015.01.21 18:25:26 | 000,787,800 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsnx.sys
[2015.01.21 18:25:21 | 000,423,784 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswsp.sys
[2015.01.21 18:19:18 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
[2015.01.21 18:18:53 | 000,206,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2015.01.21 18:18:53 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2015.01.21 18:18:53 | 000,057,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2015.01.21 18:18:53 | 000,055,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2015.01.21 18:18:53 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2015.01.21 18:18:53 | 000,024,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2015.01.21 18:18:52 | 000,291,352 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2015.01.21 18:18:52 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2015.01.21 18:17:04 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2015.01.21 18:12:22 | 211,369,984 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2015.01.20 20:42:19 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2015.01.20 20:39:25 | 000,712,920 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\2015_01_20_zaloha.reg
[2015.01.17 12:18:56 | 000,460,734 | ---- | M] () -- C:\Documents and Settings\Uživatel\Plocha\avast hláška.bmp
[2015.01.16 22:23:53 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2015.01.16 22:07:09 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2015.01.14 16:24:17 | 000,701,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2015.01.14 16:24:16 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.01.28 19:00:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.01.27 19:26:32 | 000,000,612 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\WorldOfTanks.exe.lnk
[2015.01.27 16:55:18 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2015.01.27 16:55:18 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2015.01.26 17:28:15 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2015.01.25 19:47:22 | 002,194,432 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\adwcleaner_4.109.exe
[2015.01.24 21:46:16 | 000,008,595 | ---- | C] () -- C:\Addition.zip
[2015.01.24 21:39:26 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\MSGBOX.EXE
[2015.01.24 21:39:26 | 000,015,327 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\LM.bat
[2015.01.24 21:38:45 | 000,112,640 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
[2015.01.22 17:12:24 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2015.01.21 18:19:18 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avast Free Antivirus.lnk
[2015.01.21 18:19:07 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2015.01.21 18:17:05 | 000,206,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2015.01.21 18:17:05 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2015.01.21 18:09:48 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2015.01.20 20:38:56 | 000,712,920 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\2015_01_20_zaloha.reg
[2015.01.17 12:18:56 | 000,460,734 | ---- | C] () -- C:\Documents and Settings\Uživatel\Plocha\avast hláška.bmp
[2014.09.19 22:00:04 | 000,257,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2014.06.11 18:45:16 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2014.03.18 21:54:27 | 033,908,960 | ---- | C] () -- C:\Program Files\AvatarGameCZ.exe
[2013.10.30 15:43:21 | 000,182,272 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2013.10.03 16:39:21 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2013.10.03 16:39:20 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2013.10.03 16:39:19 | 003,123,272 | R--- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2013.06.10 18:44:19 | 000,011,291 | ---- | C] () -- C:\Documents and Settings\Uživatel\Data aplikací\SmarThruOptions.xml
[2013.06.10 18:43:59 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2013.06.10 18:43:52 | 000,000,124 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2013.06.10 18:43:51 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2013.06.10 18:43:03 | 000,479,232 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2013.06.10 18:42:01 | 000,138,240 | R--- | C] () -- C:\WINDOWS\System32\Ssuiext.dll
[2013.06.10 18:42:01 | 000,110,592 | R--- | C] () -- C:\WINDOWS\WiaInst.exe
[2013.06.10 18:42:00 | 000,265,216 | R--- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2013.06.10 18:42:00 | 000,139,776 | R--- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2013.06.10 18:42:00 | 000,116,736 | R--- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2013.06.10 18:42:00 | 000,087,040 | R--- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2013.05.22 17:43:30 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2013.05.22 17:43:25 | 000,025,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2013.04.26 17:58:39 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2013.04.26 16:50:49 | 000,056,320 | ---- | C] () -- C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.23 08:18:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.04.23 08:01:37 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2013.04.23 07:59:49 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2013.04.23 07:55:50 | 001,083,296 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.04.23 07:55:50 | 001,083,296 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.04.23 07:55:50 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.04.23 07:55:41 | 002,288,632 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.04.22 16:24:43 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.04.22 16:23:48 | 000,151,584 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.22 14:32:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.04.22 14:29:07 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013.10.17 19:29:43 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.02.21 20:10:13 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.06.01 15:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\.mono
[2015.01.21 18:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.04.05 13:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.05.03 16:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Battle.net
[2013.04.26 18:02:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Buena Vista Games
[2015.01.22 13:52:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CenlEdosu
[2014.04.05 13:10:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.05.30 12:30:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EA Core
[2014.02.28 20:27:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2014.01.03 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IsolatedStorage
[2014.04.22 09:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
[2013.10.04 15:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Logs
[2014.10.26 10:37:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Oracle
[2014.10.04 08:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Origin
[2013.05.30 12:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Solidshield
[2014.01.26 17:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2014.02.03 16:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2014.01.11 13:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VirtualFarm
[2014.05.14 15:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WarThunder
[2013.12.25 12:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Zoner
[2014.05.06 14:08:49 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.09.03 13:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\.minecraft
[2014.06.01 15:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\.mono
[2014.07.14 06:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\.technic
[2014.05.05 17:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\41
[2015.01.21 18:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVAST Software
[2014.04.05 13:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVG
[2013.05.07 21:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Disney Interactive Studios
[2013.05.17 16:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\DisneyInteractiveStudios
[2013.10.25 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ERS G-Studio
[2013.09.24 19:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Friday's games
[2013.04.26 18:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\GHISLER
[2014.01.03 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\IsolatedStorage
[2014.06.08 18:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Leadertech
[2013.06.03 19:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\LibreOffice
[2014.12.20 14:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3
[2014.09.19 15:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Milestone
[2014.02.28 20:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Need for Speed World
[2014.04.26 19:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Nico Mak Computing
[2014.10.02 15:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Origin
[2013.06.25 18:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SanDisk SecureAccess
[2014.10.26 10:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz
[2013.06.10 18:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SmarThru4
[2013.09.04 14:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Sony
[2014.07.07 17:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SpinTires
[2014.02.03 17:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Ubisoft
[2013.06.13 19:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Unity
[2013.04.29 15:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\URSE Games
[2015.01.20 20:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\uTorrent
[2015.01.27 17:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Wargaming.net
[2014.07.07 16:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Warner Bros. Interactive Entertainment
[2014.08.27 14:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\wfirewall
[2014.10.23 17:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\XnView
[2013.12.25 12:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Zoner
[2014.05.16 15:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\_minecraft

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.04.22 14:29:56 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.04.22 14:33:21 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2015.01.21 18:09:48 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.09.03 13:36:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\.minecraft
[2014.06.01 15:47:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\.mono
[2014.07.14 06:28:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\.technic
[2014.05.05 17:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\41
[2013.06.16 12:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Adobe
[2015.01.21 18:21:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVAST Software
[2014.04.05 13:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVG
[2013.05.07 21:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Disney Interactive Studios
[2013.05.17 16:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\DisneyInteractiveStudios
[2013.10.25 17:34:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\ERS G-Studio
[2013.09.24 19:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Friday's games
[2013.04.26 18:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\GHISLER
[2014.11.18 16:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Google
[2013.04.22 14:34:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Identities
[2014.02.03 16:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\InstallShield
[2014.01.03 11:19:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\IsolatedStorage
[2014.06.08 18:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Leadertech
[2013.06.03 19:49:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\LibreOffice
[2013.04.26 16:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Macromedia
[2013.08.31 08:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Malwarebytes
[2014.12.20 14:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3
[2015.01.20 20:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Media Player Classic
[2015.01.17 21:47:11 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft
[2014.09.19 15:06:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Milestone
[2015.01.03 12:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla
[2014.02.28 20:40:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Need for Speed World
[2014.04.26 19:25:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Nico Mak Computing
[2013.04.29 16:35:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\NVIDIA
[2014.10.02 15:46:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Origin
[2013.06.25 18:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SanDisk SecureAccess
[2014.11.07 16:26:02 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SecuROM
[2014.10.26 10:43:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Seznam.cz
[2015.01.28 19:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Skype
[2013.06.10 18:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SmarThru4
[2013.09.04 14:02:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Sony
[2014.07.07 17:53:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\SpinTires
[2013.04.29 16:21:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Sun
[2014.10.26 14:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\U3
[2014.02.03 17:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Ubisoft
[2013.06.13 19:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Unity
[2013.04.29 15:46:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\URSE Games
[2015.01.20 20:37:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\uTorrent
[2015.01.27 17:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Wargaming.net
[2014.07.07 16:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Warner Bros. Interactive Entertainment
[2014.08.27 14:14:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\wfirewall
[2014.05.16 15:05:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\WinRAR
[2014.10.23 17:43:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\XnView
[2013.12.25 12:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\Zoner
[2014.05.16 15:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\_minecraft

< %APPDATA%\*.exe /s >
[2013.10.26 17:37:57 | 000,689,489 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\Minecraft Launcher.exe
[2014.02.16 11:36:29 | 000,128,312 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\Odinstalovat.exe
[2014.02.17 01:07:35 | 000,130,557 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\Uninstal.exe
[2014.09.19 22:02:12 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2014.06.16 08:40:27 | 003,729,240 | ---- | M] (WinZip International LLC ) -- C:\Documents and Settings\Uživatel\Data aplikací\Nico Mak Computing\WinZip Registry Optimizer\Version 1\productSetup_Setup_6_16_2014.exe
[2014.06.23 13:02:06 | 003,729,240 | ---- | M] (WinZip International LLC ) -- C:\Documents and Settings\Uživatel\Data aplikací\Nico Mak Computing\WinZip Registry Optimizer\Version 1\productSetup_Setup_6_23_2014.exe
[2014.04.15 21:50:42 | 000,921,512 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Uživatel\Data aplikací\Sun\Java\JRERunOnce.exe
[2007.10.23 09:27:20 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\U3\temp\cleanup.exe
[2008.05.02 10:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Uživatel\Data aplikací\U3\temp\Launchpad Removal.exe
[2014.06.01 11:00:00 | 000,042,496 | ---- | M] () -- C:\Documents and Settings\Uživatel\Data aplikací\uTorrent\uninstall.exe
[2014.09.01 19:29:15 | 001,942,864 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Uživatel\Data aplikací\uTorrent\utorrent.exe
[2014.09.01 19:29:15 | 001,942,864 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Uživatel\Data aplikací\uTorrent\updates\3.4.2_33394.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2013.04.22 16:23:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.04.22 16:23:11 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.04.22 16:23:11 | 000,507,904 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2015.01.28 19:16:52 | 000,027,162 | ---- | M] () -- C:\WINDOWS\system32\nvAppTimestamps

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"cfweatherStation" = C:\Program Files\Weather\Weather.exe -- [2008.07.16 08:38:34 | 000,536,064 | ---- | M] (weather-life.com)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Zoner Photo Studio Autoupdate" = C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE -- [2012.12.04 17:20:52 | 000,773,728 | ---- | M] (ZONER software)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2014.12.11 12:55:34 | 030,879,328 | R--- | M] (Skype Technologies S.A.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.01.28 19:00:31 | 000,000,512 | ---- | M] () MD5=C6BD3A1E1C71F31F0BC106E998916E7E -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.02.05 18:41:19 | 000,213,184 | ---- | M] () -- \Games\World_of_Tanks\res\audio\objects_ice_crack.fsb
[2005.06.23 09:51:26 | 000,018,430 | ---- | M] () -- \Program Files\Disney Interactive Studios\Letopisy Narnie\narnia_data\Audio\_SoundFX\Rock\FSRockCrack.wav
[2008.10.01 11:17:26 | 000,000,267 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack1.clues
[2008.10.01 11:17:26 | 000,442,936 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack1.hog
[2008.10.01 11:17:26 | 000,024,966 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack1.LOG
[2008.10.01 11:17:28 | 000,000,267 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack2.clues
[2008.10.01 11:17:28 | 000,442,936 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack2.hog
[2008.10.01 11:17:28 | 000,024,966 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack2.LOG
[2008.10.01 11:17:28 | 000,000,267 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack3.clues
[2008.10.01 11:17:28 | 000,442,936 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack3.hog
[2008.10.01 11:17:28 | 000,024,966 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrack3.LOG
[2008.10.01 11:17:28 | 000,000,270 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrackuber.clues
[2008.10.01 11:17:28 | 000,442,960 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrackuber.hog
[2008.10.01 11:17:28 | 000,024,996 | ---- | M] () -- \Program Files\Disney Interactive Studios\Walt Disney Pictures Bolt\data_dx\objects\smashcrackuber.LOG
[2001.09.10 12:24:10 | 000,025,060 | ---- | M] () -- \Program Files\Disney Interactive\Priserky, s.r.o., Strasidelny ostrov\YYZ\StoneCrack.yyz
[2003.10.03 18:08:10 | 000,000,198 | ---- | M] () -- \Program Files\Singles\GameObject\crackerBox.ago
[2003.12.23 21:51:00 | 000,003,461 | ---- | M] () -- \Program Files\Singles\GuiTexture\MenuIconcracker.png
[2003.12.30 14:58:26 | 000,003,219 | ---- | M] () -- \Program Files\Singles\GuiTexture\MenuIconcrackerBox.png
[2003.06.08 17:19:04 | 000,003,468 | ---- | M] () -- \Program Files\Singles\Mesh\cracker.ams
[2003.12.29 13:06:30 | 000,013,520 | ---- | M] () -- \Program Files\Singles\Mesh\crackerBox.ams
[2004.01.18 00:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\Mesh\col\cracker.rdd
[2004.01.18 00:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\Mesh\col\crackerBox.rdd
[2004.01.18 00:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\MeshLow\col\cracker.rdd
[2004.01.18 00:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\MeshLow\col\crackerBox.rdd
[2004.01.18 00:36:30 | 000,000,464 | ---- | M] () -- \Program Files\Singles\MeshMid\col\cracker.rdd
[2004.01.18 00:36:30 | 000,001,104 | ---- | M] () -- \Program Files\Singles\MeshMid\col\crackerBox.rdd
[2013.02.04 13:39:33 | 000,174,904 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.dds
[2003.06.01 13:50:36 | 000,306,372 | ---- | M] () -- \Program Files\Singles\Texture\crackerbox.png
[2008.03.26 00:00:00 | 000,034,936 | ---- | M] () -- \TopCD\Race\GameData\Sounds\stonechip_windowcrack.wav

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2006.03.11 18:30:00 | 000,080,943 | ---- | M] () -- \_Petra\hry\Config\LoaderPlugin.cnf
[2006.03.11 18:30:00 | 000,080,943 | ---- | M] () -- \_Petra\hry\Config\LoaderPlugin.cnf.bak
[2006.03.11 18:30:00 | 000,022,800 | ---- | M] () -- \_Petra\hry\DIRECTX\DMLOADER.DLL
[2014.02.28 20:32:41 | 000,004,068 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\GFX\_RadialFlareLoader_Double.gfx
[2014.06.18 16:27:12 | 000,303,414 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-0.log
[2014.12.04 16:37:01 | 000,006,043 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-0.log.1
[2014.12.04 16:37:01 | 000,000,000 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-0.log.1.lck
[2014.12.20 14:51:13 | 000,006,044 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-0.log.2
[2014.12.20 14:51:13 | 000,000,000 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-0.log.2.lck
[2014.06.18 16:18:40 | 000,000,000 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-0.log.lck
[2014.05.16 18:01:07 | 000,287,164 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-1.log
[2014.05.16 17:42:10 | 000,281,745 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3\ForgeModLoader-client-2.log
[2013.07.23 19:07:25 | 000,000,376 | ---- | M] () -- \Documents and Settings\Uživatel\Data aplikací\Unity\WebPlayerPrefs\i_2eadultswim_2ecom\prefadultswim-big-games4-game_2dfiles-candy_5fmountain_5fmassacre_5frevenge-20130628-preloader_2eunity3d.upp
[2014.10.24 08:42:10 | 000,072,638 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Data aplikací\Skype\Apps\login\images\loader.gif
[2014.10.24 08:42:10 | 000,003,032 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Data aplikací\Skype\Apps\login\images\loader.png
[2014.10.24 08:42:10 | 000,006,012 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.10.24 08:42:10 | 000,021,956 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.10.24 08:42:10 | 000,009,772 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2015.01.26 17:09:47 | 000,000,365 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\H1YJ9DEZ\widget_ajax_loader[1].js
[2015.01.28 15:06:09 | 000,001,980 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\II0Y0JD0\AdLoader[1].htm
[2015.01.26 20:09:26 | 000,006,734 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\II0Y0JD0\loader[2].js
[2015.01.26 18:01:00 | 000,019,121 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\SNXCYGRR\AdLoader-288a31a04e1398b1a794975bf93ce9a4.min[1].js
[2015.01.26 20:09:44 | 000,002,064 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\TWHO4TY3\ajax-loader[1].gif
[2015.01.27 16:45:08 | 000,006,734 | ---- | M] () -- \Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\UZ7UMB8C\loader[1].js
[2013.10.24 12:45:58 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2014.12.17 22:37:39 | 000,001,512 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\eulaversionloader.pyc
[2014.02.05 18:41:19 | 000,002,209 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2014.02.05 18:41:19 | 000,007,130 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2014.02.05 18:41:19 | 000,003,955 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2014.02.05 18:41:19 | 000,006,579 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2014.02.05 18:41:19 | 000,002,753 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2014.12.17 22:37:39 | 000,001,489 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2014.12.17 22:37:39 | 000,006,757 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2014.12.17 22:37:39 | 000,003,419 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2015.01.12 21:55:10 | 000,007,603 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2014.02.05 18:41:19 | 000,011,286 | ---- | M] () -- \Games\World_of_Tanks\res_bw\scripts\common\lib\unittest\loader.pyc
[2015.01.21 18:18:50 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2007.03.16 15:56:16 | 000,019,968 | ---- | M] () -- \Program Files\Bus Driver\lib\loaders.dll
[2010.10.11 23:24:28 | 000,071,008 | ---- | M] () -- \Program Files\Farming Simulator 2011 Demo\PhysXLoader.dll
[2013.05.03 03:53:46 | 000,006,852 | ---- | M] () -- \Program Files\LibreOffice 4.0\program\pythonloader.py
[2013.05.03 03:34:54 | 000,033,968 | ---- | M] () -- \Program Files\LibreOffice 4.0\program\pythonloader.uno.dll
[2013.05.03 03:56:54 | 000,000,171 | ---- | M] () -- \Program Files\LibreOffice 4.0\program\pythonloader.uno.ini
[2013.06.03 19:49:53 | 000,007,195 | ---- | M] () -- \Program Files\LibreOffice 4.0\program\__pycache__\pythonloader.cpython-33.pyc
[2013.05.02 10:20:48 | 000,013,850 | ---- | M] () -- \Program Files\LibreOffice 4.0\program\python-core-3.3.0\lib\unittest\loader.py
[2013.05.02 10:20:48 | 000,049,593 | ---- | M] () -- \Program Files\LibreOffice 4.0\program\python-core-3.3.0\lib\unittest\test\test_loader.py
[2013.05.02 18:05:48 | 000,124,234 | ---- | M] () -- \Program Files\LibreOffice 4.0\share\extensions\report-builder\libloader-1.1.6.jar
[2013.05.03 03:34:50 | 000,078,512 | ---- | M] () -- \Program Files\LibreOffice 4.0\URE\bin\javaloader.uno.dll
[2013.05.02 11:42:32 | 000,004,314 | ---- | M] () -- \Program Files\LibreOffice 4.0\URE\java\unoloader.jar
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\facebook\7.1.391\js\downloader.js
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\facebooklike\7.1.391\js\downloader.js
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\fbsharedservices\7.1.391\js\downloader.js
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\featured\7.1.391\js\downloader.js
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\games\7.1.391\js\shared\downloader.js
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\apps\chat\7.1.391\js\downloader.js
[2011.10.12 14:04:18 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.391.0\scripts\io\downloader.js
[2011.08.03 14:04:10 | 000,002,713 | ---- | M] () -- \Program Files\N3V Games\Trainz Simulator 12\bin\mozilla\components\uriloader.xpt
[2012.11.01 08:32:14 | 000,057,224 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.09.04 22:34:12 | 000,083,848 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.02.19 11:07:28 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2008.01.11 12:02:50 | 000,114,688 | ---- | M] () -- \Program Files\SmarThru 4\WebUploaderLib.dll
[2008.01.11 11:53:20 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\English\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:53:34 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\French\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:53:46 | 000,000,196 | ---- | M] () -- \Program Files\SmarThru 4\German\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:55:38 | 000,000,203 | ---- | M] () -- \Program Files\SmarThru 4\Hungarian\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:55:24 | 000,000,184 | ---- | M] () -- \Program Files\SmarThru 4\Chinese (Traditional)\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:53:06 | 000,000,178 | ---- | M] () -- \Program Files\SmarThru 4\Chinese\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:54:00 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Italian\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:54:14 | 000,000,191 | ---- | M] () -- \Program Files\SmarThru 4\Korean\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:55:52 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Polish\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:54:52 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese (Brazilian)\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:55:04 | 000,000,192 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:54:26 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\Russian\SmarThruRes-WebUploaderLib.xml
[2008.01.11 11:54:40 | 000,000,193 | ---- | M] () -- \Program Files\SmarThru 4\Spanish\SmarThruRes-WebUploaderLib.xml
[2009.10.23 15:41:45 | 012,010,264 | ---- | M] () -- \Program Files\Sony Setup\Media Go\PSNDownloaderSetup.exe
[2014.12.10 02:28:04 | 000,001,701 | ---- | M] () -- \Program Files\Steam\friends\broadcastuploaderrornotification.res
[2014.11.11 19:48:42 | 000,007,825 | ---- | M] () -- \Program Files\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014.09.19 21:11:25 | 000,058,880 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Batman Arkham City Demo\Binaries\Win32\PhysXLoader.dll
[2013.04.04 20:00:35 | 000,071,008 | ---- | M] () -- \Program Files\Steam\SteamApps\common\Mafia II\pc\PhysXLoader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2013.03.21 16:11:51 | 002,705,537 | ---- | M] () -- \Program Files\World of Warcraft\wow-2.1.1.1897-enGB-tools-downloader.exe
[2013.03.21 16:12:28 | 002,070,207 | ---- | M] () -- \Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2013.03.21 16:24:25 | 005,128,696 | ---- | M] () -- \Program Files\World of Warcraft\Temp\wow-4.2.1.2756-enUS-tools-downloader.exe
[2013.03.21 16:39:31 | 005,731,304 | ---- | M] () -- \Program Files\World of Warcraft\Temp\WoW-4.3-5.0.15890-enUS-Downloader.exe
[2013.03.21 16:24:45 | 000,000,096 | ---- | M] () -- \Program Files\World of Warcraft\Temp\Logs\Downloader Termination.log
[2013.03.21 16:24:41 | 000,001,416 | ---- | M] () -- \Program Files\World of Warcraft\Temp\Logs\Downloader.log
[2012.11.16 10:52:36 | 000,432,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\ZPSPluginLoader.exe
[2012.11.16 10:52:38 | 000,319,488 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Facebook\en\ZPSFacebookUploader.resources.dll
[2012.10.18 16:47:30 | 000,442,368 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\ZPSPluginLoader.exe
[2011.12.06 13:06:40 | 000,323,584 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Flickr\en\ZPSFlickrUploader.resources.dll
[2012.11.16 12:39:34 | 000,193,024 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\ZPSPluginLoader.exe
[2012.10.09 15:49:06 | 000,323,584 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Plugins\Picasa\en\ZPSPicasaUploader.resources.dll
[2012.12.04 17:20:18 | 000,103,520 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\8bfLoader.exe
[2012.12.04 17:20:32 | 000,017,504 | ---- | M] () -- \Program Files\Zoner\Photo Studio 15\Program32\WICLoader.exe
[2010.12.23 14:37:10 | 000,071,008 | ---- | M] () -- \TopCD\Traktor 2\PhysXLoader.dll
[2010.12.23 14:28:40 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_baleLoader.dds
[2010.12.23 14:28:40 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_deutzFrontloaderBalefork.dds
[2010.12.23 14:28:40 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_deutzFrontloaderPalletfork.dds
[2010.12.23 14:28:42 | 000,032,896 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\store_deutzFrontloaderShovel.dds
[2010.12.23 14:26:38 | 006,936,663 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.i3d
[2010.12.23 14:26:36 | 000,007,803 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader.xml
[2010.12.23 14:26:38 | 000,696,448 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_diffuse.dds
[2010.12.23 14:26:36 | 000,174,904 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_normal.dds
[2010.12.23 14:26:36 | 000,174,904 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzAgrofarmFrontloader_specular.dds
[2010.12.23 14:26:38 | 000,115,296 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.i3d
[2010.12.23 14:26:36 | 000,000,515 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderBalefork.xml
[2010.12.23 14:26:38 | 000,136,285 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.i3d
[2010.12.23 14:26:36 | 000,000,517 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderPalletfork.xml
[2010.12.23 14:26:38 | 000,105,628 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderShovel.i3d
[2010.12.23 14:26:38 | 000,000,710 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\steerable\deutz\deutzFrontloaderShovel.xml
[2010.12.23 14:28:16 | 000,615,989 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoader.i3d
[2010.12.23 14:28:16 | 000,008,640 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoader.xml
[2010.12.23 14:28:16 | 000,174,904 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoaderWheel_diffuse.dds
[2010.12.23 14:28:16 | 000,699,192 | ---- | M] () -- \TopCD\Traktor 2\data\vehicles\trailers\baleLoader_diffuse.dds
[2015.01.28 18:55:17 | 000,015,344 | ---- | M] () -- \WINDOWS\Prefetch\ASWWRCIELOADER32.EXE-3301B618.pf
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2013.04.26 10:45:20 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2013.05.06 10:20:06 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >
[2003.04.11 16:13:14 | 000,059,006 | ---- | M] () -- \Program Files\THQ\Hledá se Nemo\resources\universal\TestNode.co2

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2006.03.11 18:30:00 | 000,041,472 | ---- | M] () -- \_Petra\hry\DIRECTX\DPSERIAL.DLL
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2013.05.30 12:35:14 | 000,000,024 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Solidshield\361F0237BE7E5793B9BDFEC1657C6962\serial.txt
[2014.03.18 16:57:32 | 000,000,023 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Solidshield\Q78N7082Q787865V8ZQB22CM9V734312\serial.txt
[2014.12.17 22:37:39 | 000,005,724 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\shared\gui_items\serializers.pyc
[1997.07.14 15:00:00 | 000,041,472 | ---- | M] () -- \Program Files\Eidos Interactive\Joint Strike Fighter Playable Demo\directx\dpserial.dll
[2013.05.02 18:05:48 | 000,021,761 | ---- | M] () -- \Program Files\LibreOffice 4.0\share\extensions\report-builder\libserializer-1.1.6.jar
[2014.05.13 22:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.25 22:34:23 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014.09.19 21:57:44 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.18 20:40:26 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.15 12:45:19 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.14 23:31:52 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.26 23:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 13:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< >

< >

< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#39 Příspěvek od Márty84 »

:!: Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
:arrow: Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

:services
SkypeUpdate
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes,DefaultScope = {6843c611-16a1-4008-9935-abee902b0711}
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1644491937-73586283-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
FF - prefs.js..browser.search.isUS: false
[2015.01.27 19:01:18 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2015.01.28 17:38:00 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\UĹĽIVATEL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\N3T41V53.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O15 - HKU\S-1-5-21-1644491937-73586283-682003330-1003\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Reg Error: Key error.)
[2014.04.05 13:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.04.05 13:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Uživatel\Data aplikací\AVG
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#40 Příspěvek od dapemato »

Tak vkládám...jinak k těm mailům, ani v nouzovém režimu nejdou na exploreru pustit... :frusty:


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: U~ivatel

User: uživatel

User: U§ivatel
->Temporary Internet Files folder emptied: 0 bytes

User: U×ivatel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Uživatel
->Temp folder emptied: 21150583 bytes
->Temporary Internet Files folder emptied: 331725385 bytes
->FireFox cache emptied: 99086351 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1222 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 340384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 432,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: UpdatusUser

User: U~ivatel

User: uživatel

User: U§ivatel

User: U×ivatel

User: Uživatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named AdobeFlashPlayerUpdateSvc was found to stop!
Service\Driver key AdobeFlashPlayerUpdateSvc not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: false removed from browser.search.isUS
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}\ deleted successfully.
C:\Program Files\Seznam.cz\listicka.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1}\ deleted successfully.
C:\Program Files\Seznam.cz\toolbar\toolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ deleted successfully.
File C:\Program Files\Seznam.cz\listicka.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E46D7B6-887D-4F81-B4CA-FCC92AF73610}\ not found.
File C:\Program Files\Seznam.cz\listicka.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ deleted successfully.
File C:\Program Files\Seznam.cz\listicka.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E6D6F90-31CA-4878-A7A3-1CD50F115A69}\ not found.
File C:\Program Files\Seznam.cz\listicka.dll not found.
Registry key HKEY_USERS\S-1-5-21-1644491937-73586283-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Starting removal of ActiveX control {233C1507-6A77-46A4-9443-F871F945D258}
C:\WINDOWS\Downloaded Program Files\swdir.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{233C1507-6A77-46A4-9443-F871F945D258}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{233C1507-6A77-46A4-9443-F871F945D258}\ not found.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL2014\Dashboard folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\Uživatel\Data aplikací\AVG folder moved successfully.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01292015_184943

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\9NNHZ60R\desktop.ini not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\900YJCOA\desktop.ini not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\8JJFYI1J\desktop.ini not found!
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\51ISHGSW\desktop.ini not found!
C:\Documents and Settings\Uživatel\Local Settings\Temp\B0B085B3-E45A-47d2-82E4-E038335848C7-szn-software-listicka-historyfile.$$$ moved successfully.
C:\Documents and Settings\Uživatel\Local Settings\Temp\JavaDeployReg.log moved successfully.
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\UZ7UMB8C\context[1].htm moved successfully.
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\II0Y0JD0\afr[1].htm moved successfully.
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\II0Y0JD0\afr[2].htm moved successfully.
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\II0Y0JD0\context[1].htm moved successfully.
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\II0Y0JD0\viewtopic[2].htm moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\WINDOWS\temp\Perflib_Perfdata_fe4.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#41 Příspěvek od Márty84 »

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remote disinfection tools
  • Kliknete na Run

V lozich nevidim nic, co by melo maily blokovat :?:

Zkuste na chvili vypnout antivir a firewall
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#42 Příspěvek od dapemato »

Tak jsem to zkusila vypnout a za chvíli zapnout...hmm nic se nezměnilo a tak vůbec je to načítání exploreru pomalejší než Mozilla a navíc padá...tak nevím čím to může být...jinak vše ok :)
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#43 Příspěvek od Márty84 »

dapemato píše:Tak jsem to zkusila vypnout a za chvíli zapnout...
Ted nevim, jestli jsme se pochopili. Myslel jsem, ze to na chvili vypnete a vyzkousite chod exploreru s vypnutym zabezpecenim :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
dapemato
Návštěvník
Návštěvník
Příspěvky: 97
Registrován: 26 črc 2011 14:20

Re: asi nějaký vir??

#44 Příspěvek od dapemato »

Pochopili :wink: ....vypnula, odzkoušela a nic..
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: asi nějaký vir??

#45 Příspěvek od Márty84 »

:arrow: Zkuste v IE zakazat veskere doplnky/rozsireni

:arrow: Dejte novy log z RSIT http://forum.viry.cz/viewtopic.php?f=30&t=130787
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“