Policejní vir odstraněn, prosím o kontrolu logu

[Márty84]

Nic jste neudelala spatne

Obcas se to stane, ze OTL tuhle chybku vyhodi


Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Dneska mam bohuzel dlouhou sichtu, tak nevim, kdy se dostanu k pc. Mozna ze az vecer

[...:::Monika:::...]

OTL logfile created on: 27.12.2013 11:17:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martina\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,18 Mb Total Physical Memory | 216,57 Mb Available Physical Memory | 21,35% Memory free
1,99 Gb Paging File | 0,78 Gb Available in Paging File | 39,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 44,94 Gb Free Space | 44,94% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 56,91 Gb Free Space | 48,28% Space Free | Partition Type: NTFS

Computer Name: MARTINA-PC | User Name: Martina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.12.26 19:35:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martina\Desktop\OTL.exe
PRC - [2013.07.18 19:40:36 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2013.02.13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.21 10:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.02.10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:37 | 001,131,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
PRC - [2010.09.03 20:02:08 | 001,245,104 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
PRC - [2010.09.02 23:01:42 | 000,095,744 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
PRC - [2010.06.10 22:12:06 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
PRC - [2010.06.10 08:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.06.09 23:26:34 | 000,412,600 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
PRC - [2010.05.29 01:41:36 | 000,445,344 | ---- | M] (ASUS) -- C:\Program Files\EeePC\CapsHook\CapsHook.exe
PRC - [2010.04.07 06:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2009.12.10 00:51:18 | 000,115,888 | ---- | M] (Oceanis) -- C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe
PRC - [2009.08.19 02:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe
PRC - [2009.07.20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2007.03.29 15:41:26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2013.12.11 20:19:33 | 016,242,056 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.10.10 20:18:35 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013.10.10 20:15:41 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013.09.12 21:19:30 | 001,670,144 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\f4e49f5f51d2fa5e6190464468dff4d3\Microsoft.VisualBasic.ni.dll
MOD - [2013.08.15 16:58:48 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.08.15 16:56:02 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.08.15 16:55:19 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.07.10 17:08:56 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.02.13 03:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 03:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.02 11:40:52 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010.06.10 22:12:06 | 000,414,384 | ---- | M] () -- C:\Program Files\ASUS\Eee Docking\Eee Docking.exe


========== Services (SafeList) ==========

SRV - [2013.12.11 20:19:36 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.08.21 10:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.10 10:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.10 10:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2009.08.19 02:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009.07.20 10:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwrchid.sys -- (btwrchid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\windows\system32\DRIVERS\btwavdt.sys -- (btwavdt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2012.08.21 10:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 10:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 10:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 10:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 10:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 10:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.08.24 10:55:51 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.03.31 02:40:20 | 000,011,520 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsUpIO.sys -- (AsUpIO)
DRV - [2009.10.05 18:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.01 05:46:20 | 000,043,944 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_34: C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.04.01 11:00:12 | 000,000,000 | ---D | M]

[2013.12.25 21:51:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - Extension: Bookmark Manager = C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\

O1 HOSTS File: ([2013.12.26 19:14:13 | 000,000,741 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Windows 7 Starter Helper) - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\aprp.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CapsHook] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HotkeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_34)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.179.144.2 194.12.32.253
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39697481-8F3A-4ACB-8B8F-5116309626FC}: DhcpNameServer = 193.179.144.2 194.12.32.253
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-1871618965-4188525786-3471104996-1000 Winlogon: Shell - (C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe) - C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe (Oceanis)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: x64 - (c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll) - File not found
O36 - AppCertDlls: x86 - (c:\program files\movies toolbar\datamngr\apcrtldr.dll) - File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.12.26 19:35:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martina\Desktop\OTL.exe
[2013.12.26 18:59:21 | 000,014,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\wmilib.sys.bak
[2013.12.26 18:59:20 | 000,035,968 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\winusb.sys.bak
[2013.12.26 18:59:19 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys.bak
[2013.12.26 18:59:18 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\watchdog.sys.bak
[2013.12.26 18:59:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\vwifimp.sys.bak
[2013.12.26 18:59:15 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\videoprt.sys.bak
[2013.12.26 18:59:12 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbrpm.sys.bak
[2013.12.26 18:59:11 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys.bak
[2013.12.26 18:59:10 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD2.sys.bak
[2013.12.26 18:59:10 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys.bak
[2013.12.26 18:59:09 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD.sys.bak
[2013.12.26 18:59:09 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys.bak
[2013.12.26 18:59:07 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys.bak
[2013.12.26 18:59:06 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\tdi.sys.bak
[2013.12.26 18:59:04 | 000,053,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\stream.sys.bak
[2013.12.26 18:59:04 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\tape.sys.bak
[2013.12.26 18:59:03 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys.bak
[2013.12.26 18:59:02 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\spsys.sys.bak
[2013.12.26 18:59:01 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\smclib.sys.bak
[2013.12.26 18:58:57 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\scsiport.sys.bak
[2013.12.26 18:58:54 | 001,015,912 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\System32\drivers\rtl8192se.sys.bak
[2013.12.26 18:58:52 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys.bak
[2013.12.26 18:58:51 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\rmcast.sys.bak
[2013.12.26 18:58:45 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys.bak
[2013.12.26 18:58:43 | 000,042,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\pciidex.sys.bak
[2013.12.26 18:58:37 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys.bak
[2013.12.26 18:58:25 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\mcd.sys.bak
[2013.12.26 18:58:23 | 000,068,208 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\L1C62x86.sys.bak
[2013.12.26 18:58:22 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys.bak
[2013.12.26 18:58:13 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidparse.sys.bak
[2013.12.26 18:58:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\hidclass.sys.bak
[2013.12.26 18:58:10 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS.bak
[2013.12.26 18:58:04 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys.bak
[2013.12.26 18:58:03 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxg.sys.bak
[2013.12.26 18:58:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxapi.sys.bak
[2013.12.26 18:58:02 | 000,055,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dumpfve.sys.bak
[2013.12.26 18:58:02 | 000,026,704 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Dumpata.sys.bak
[2013.12.26 18:58:01 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys.bak
[2013.12.26 18:58:01 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys.bak
[2013.12.26 18:57:59 | 000,035,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\crashdmp.sys.bak
[2013.12.26 18:57:58 | 000,140,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Classpnp.sys.bak
[2013.12.26 18:57:56 | 000,043,944 | ---- | C] (Broadcom Corporation.) -- C:\windows\System32\drivers\btusbflt.sys.bak
[2013.12.26 18:57:52 | 000,025,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\battc.sys.bak
[2013.12.26 18:57:51 | 001,221,632 | ---- | C] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\athr.sys.bak
[2013.12.26 18:57:51 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ataport.sys.bak
[2013.12.26 18:57:39 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\1394bus.sys.bak
[2013.12.26 18:53:30 | 000,000,000 | ---D | C] -- C:\Users\Martina\Desktop\RK_Quarantine
[2013.12.26 18:47:13 | 000,000,000 | ---D | C] -- C:\Users\Martina\Desktop\Smart
[2013.12.26 18:44:04 | 001,149,912 | ---- | C] (Crystal Dew World) -- C:\Users\Martina\Desktop\DiskInfo.exe
[2013.12.26 18:43:58 | 000,000,000 | ---D | C] -- C:\Users\Martina\Desktop\CdiResource
[2013.12.25 22:04:51 | 000,000,000 | ---D | C] -- C:\Users\Martina\AppData\Roaming\Malwarebytes
[2013.12.25 22:04:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.12.25 22:01:24 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Martina\Desktop\mbam-setup-1.75.0.1300.exe
[2013.12.25 21:26:55 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.25 20:54:26 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.25 14:10:09 | 000,000,000 | ---D | C] -- C:\Users\Martina\AppData\Local\ElevatedDiagnostics
[2013.12.12 00:00:35 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wmploc.DLL
[2013.12.11 23:56:24 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2013.12.11 23:56:19 | 002,877,952 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll
[2013.12.11 23:56:17 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2013.12.11 23:56:15 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2013.12.11 23:56:14 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2013.12.11 23:56:10 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2013.12.11 23:56:10 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2013.12.11 23:56:09 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2013.12.11 23:56:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2013.12.11 23:56:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe
[2013.12.11 19:35:47 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cscript.exe
[2013.12.11 19:35:45 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMPhoto.dll
[2013.12.11 19:35:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2013.12.11 19:35:16 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013.12.11 19:35:13 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys
[2013.12.11 19:35:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys

========== Files - Modified Within 30 Days ==========

[2013.12.27 11:29:13 | 000,000,938 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.12.27 11:25:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.27 11:19:07 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.12.27 11:14:59 | 000,000,942 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.12.27 11:14:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.12.26 19:35:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martina\Desktop\OTL.exe
[2013.12.26 19:12:31 | 000,035,968 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\winusb.sys.bak
[2013.12.26 19:12:31 | 000,014,912 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\wmilib.sys.bak
[2013.12.26 19:12:30 | 000,047,720 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\WdfLdr.sys.bak
[2013.12.26 19:12:30 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\watchdog.sys.bak
[2013.12.26 19:12:29 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\vwifimp.sys.bak
[2013.12.26 19:12:28 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\videoprt.sys.bak
[2013.12.26 19:12:26 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys.bak
[2013.12.26 19:12:26 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usbrpm.sys.bak
[2013.12.26 19:12:25 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD2.sys.bak
[2013.12.26 19:12:25 | 000,025,856 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\USBCAMD.sys.bak
[2013.12.26 19:12:25 | 000,006,016 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys.bak
[2013.12.26 19:12:24 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\usb8023.sys.bak
[2013.12.26 19:12:23 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\TsUsbFlt.sys.bak
[2013.12.26 19:12:23 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\tdi.sys.bak
[2013.12.26 19:12:22 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\tape.sys.bak
[2013.12.26 19:12:21 | 000,148,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys.bak
[2013.12.26 19:12:21 | 000,053,632 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\stream.sys.bak
[2013.12.26 19:12:20 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\spsys.sys.bak
[2013.12.26 19:12:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\smclib.sys.bak
[2013.12.26 19:12:18 | 000,140,160 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\scsiport.sys.bak
[2013.12.26 19:12:17 | 001,015,912 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\windows\System32\drivers\rtl8192se.sys.bak
[2013.12.26 19:12:15 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\rmcast.sys.bak
[2013.12.26 19:12:15 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\RNDISMP.sys.bak
[2013.12.26 19:12:12 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\portcls.sys.bak
[2013.12.26 19:12:11 | 000,042,560 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\pciidex.sys.bak
[2013.12.26 19:12:08 | 000,240,496 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\netio.sys.bak
[2013.12.26 19:12:02 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\mcd.sys.bak
[2013.12.26 19:12:01 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\L1C62x86.sys.bak
[2013.12.26 19:12:00 | 000,190,976 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys.bak
[2013.12.26 19:12:00 | 000,013,880 | ---- | M] ( ) -- C:\windows\System32\drivers\kbfiltr.sys.bak
[2013.12.26 19:11:55 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\hidclass.sys.bak
[2013.12.26 19:11:55 | 000,025,728 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\hidparse.sys.bak
[2013.12.26 19:11:54 | 000,187,752 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\FWPKCLNT.SYS.bak
[2013.12.26 19:11:49 | 000,218,984 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys.bak
[2013.12.26 19:11:49 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxg.sys.bak
[2013.12.26 19:11:49 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dxapi.sys.bak
[2013.12.26 19:11:48 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\drmk.sys.bak
[2013.12.26 19:11:48 | 000,055,584 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\dumpfve.sys.bak
[2013.12.26 19:11:48 | 000,027,008 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys.bak
[2013.12.26 19:11:48 | 000,026,704 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\Dumpata.sys.bak
[2013.12.26 19:11:47 | 000,035,408 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\crashdmp.sys.bak
[2013.12.26 19:11:46 | 000,140,864 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\Classpnp.sys.bak
[2013.12.26 19:11:45 | 000,043,944 | ---- | M] (Broadcom Corporation.) -- C:\windows\System32\drivers\btusbflt.sys.bak
[2013.12.26 19:11:42 | 000,025,168 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\battc.sys.bak
[2013.12.26 19:11:41 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) -- C:\windows\System32\drivers\athr.sys.bak
[2013.12.26 19:11:41 | 000,133,056 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\ataport.sys.bak
[2013.12.26 19:11:40 | 000,011,520 | ---- | M] () -- C:\windows\System32\drivers\AsUpIO.sys.bak
[2013.12.26 19:11:40 | 000,006,144 | ---- | M] () -- C:\windows\System32\drivers\ASUSHWIO.SYS.bak
[2013.12.26 19:11:36 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\drivers\1394bus.sys.bak
[2013.12.26 18:52:51 | 003,770,368 | ---- | M] () -- C:\Users\Martina\Desktop\RogueKiller.exe
[2013.12.26 18:49:30 | 000,000,262 | ---- | M] () -- C:\Users\Martina\Desktop\DiskInfo.ini
[2013.12.26 18:45:01 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.26 18:45:01 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.26 18:43:01 | 001,496,172 | ---- | M] () -- C:\Users\Martina\Desktop\CrystalDiskInfo5_0_0.zip
[2013.12.26 18:37:17 | 797,581,312 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.26 18:33:50 | 000,631,526 | ---- | M] () -- C:\windows\System32\perfh005.dat
[2013.12.26 18:33:50 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013.12.26 18:33:50 | 000,122,148 | ---- | M] () -- C:\windows\System32\perfc005.dat
[2013.12.26 18:33:50 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013.12.25 22:02:38 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Martina\Desktop\mbam-setup-1.75.0.1300.exe
[2013.12.25 21:26:16 | 001,233,962 | ---- | M] () -- C:\Users\Martina\Desktop\adwcleaner.exe
[2013.12.25 20:53:51 | 000,781,383 | ---- | M] () -- C:\Users\Martina\Desktop\RSIT.exe
[2013.12.25 14:31:36 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.12.25 14:31:30 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2013.12.25 14:22:44 | 095,025,368 | ---- | M] () -- C:\ProgramData\vtqjv7t.fee
[2013.12.25 13:20:48 | 000,000,000 | ---- | M] () -- C:\ProgramData\vtqjv7t.odd
[2013.12.17 15:25:23 | 000,004,608 | ---- | M] () -- C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.12 19:20:22 | 000,404,288 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013.12.11 20:19:35 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe
[2013.12.11 20:19:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl
[2013.12.08 09:23:08 | 744,695,808 | ---- | M] () -- C:\Users\Martina\Desktop\Blbec-na-krku-Komedie-2002-CZ-adriatic.avi

========== Files Created - No Company Name ==========

[2013.12.26 18:58:22 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys.bak
[2013.12.26 18:57:50 | 000,011,520 | ---- | C] () -- C:\windows\System32\drivers\AsUpIO.sys.bak
[2013.12.26 18:57:50 | 000,006,144 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS.bak
[2013.12.26 18:52:48 | 003,770,368 | ---- | C] () -- C:\Users\Martina\Desktop\RogueKiller.exe
[2013.12.26 18:46:57 | 000,000,262 | ---- | C] () -- C:\Users\Martina\Desktop\DiskInfo.ini
[2013.12.26 18:42:59 | 001,496,172 | ---- | C] () -- C:\Users\Martina\Desktop\CrystalDiskInfo5_0_0.zip
[2013.12.25 21:26:15 | 001,233,962 | ---- | C] () -- C:\Users\Martina\Desktop\adwcleaner.exe
[2013.12.25 20:53:47 | 000,781,383 | ---- | C] () -- C:\Users\Martina\Desktop\RSIT.exe
[2013.12.25 14:31:36 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.12.25 13:17:54 | 000,000,000 | ---- | C] () -- C:\ProgramData\vtqjv7t.odd
[2013.12.25 13:17:48 | 095,025,368 | ---- | C] () -- C:\ProgramData\vtqjv7t.fee
[2013.12.24 09:30:12 | 055,410,552 | ---- | C] () -- C:\Users\Martina\Desktop\F1-Nehody.avi
[2013.12.24 09:25:28 | 744,695,808 | ---- | C] () -- C:\Users\Martina\Desktop\Blbec-na-krku-Komedie-2002-CZ-adriatic.avi
[2013.12.17 15:25:12 | 000,004,608 | ---- | C] () -- C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.08 20:42:44 | 000,000,020 | ---- | C] () -- C:\windows\mafosav.INI
[2011.11.25 16:20:11 | 000,007,605 | ---- | C] () -- C:\Users\Martina\AppData\Local\Resmon.ResmonCfg
[2010.12.22 15:11:22 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.09.27 14:02:18 | 000,104,018 | ---- | C] () -- C:\Users\Martina\AppData\Roaming\PremeSplashScreen.jpg

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.12.22 15:27:52 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage
[2010.12.22 15:27:52 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage
[2011.11.13 14:38:24 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Artogon
[2011.08.14 20:39:46 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\ASUS WebStorage
[2011.07.03 17:36:29 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\BlamGames
[2011.10.09 04:09:51 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Dexpot
[2011.06.19 23:29:41 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\E-Cam
[2011.07.03 16:20:30 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\ERS G-Studio
[2011.07.03 12:42:24 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Friday's games
[2011.10.08 22:25:37 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\GHISLER
[2011.07.03 12:05:13 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Gold Casual Games
[2011.06.18 21:02:28 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Laconic Software
[2011.11.12 14:17:15 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Ladia Group
[2011.07.03 17:14:44 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Meridian93
[2011.09.19 17:33:59 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Opera
[2013.04.29 17:29:27 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\PhotoFiltre 7
[2013.06.14 15:10:18 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\PhotoScape
[2011.06.26 18:53:46 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Preme for Windows 7
[2011.06.26 19:04:07 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\PremeforWindows7
[2011.07.03 16:11:30 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Trio
[2013.12.25 21:51:17 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Uniblue
[2013.06.14 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\uTorrent
[2013.06.14 14:07:30 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,522 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2012.09.20 19:19:54 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.11.13 20:50:13 | 000,000,938 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.11.13 20:50:15 | 000,000,942 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.11.10 00:09:33 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.11.10 00:09:33 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.11.10 00:09:33 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.11.10 00:09:33 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\System32\drivers\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.18 10:17:57 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Adobe
[2011.11.13 14:38:24 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Artogon
[2011.08.14 20:39:46 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\ASUS WebStorage
[2011.07.03 17:36:29 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\BlamGames
[2011.08.14 20:29:41 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\CyberLink
[2011.10.09 04:09:51 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Dexpot
[2013.12.25 13:18:59 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\DivX
[2012.10.13 22:42:41 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\dvdcss
[2011.06.19 23:29:41 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\E-Cam
[2011.07.03 16:20:30 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\ERS G-Studio
[2011.07.03 12:42:24 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Friday's games
[2011.10.08 22:25:37 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\GHISLER
[2011.07.03 12:05:13 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Gold Casual Games
[2013.06.14 14:11:23 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Identities
[2010.12.22 15:02:03 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\InstallShield
[2011.06.18 21:02:28 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Laconic Software
[2011.11.12 14:17:15 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Ladia Group
[2010.12.22 15:12:36 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Macromedia
[2012.02.24 21:27:22 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Macrovision
[2013.12.25 22:04:51 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Malwarebytes
[2011.07.03 17:14:44 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Meridian93
[2012.12.08 22:27:08 | 000,000,000 | --SD | M] -- C:\Users\Martina\AppData\Roaming\Microsoft
[2010.12.22 15:19:25 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Mozilla
[2011.08.14 20:48:53 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Nero
[2011.09.19 17:33:59 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Opera
[2013.04.29 17:29:27 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\PhotoFiltre 7
[2013.06.14 15:10:18 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\PhotoScape
[2011.06.26 18:53:46 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Preme for Windows 7
[2011.06.26 19:04:07 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\PremeforWindows7
[2012.01.07 03:55:45 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Real
[2013.06.13 21:25:03 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Skype
[2011.07.03 16:11:30 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Trio
[2013.12.25 21:51:17 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Uniblue
[2013.06.14 15:31:58 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\uTorrent
[2013.12.25 14:27:37 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\vlc
[2011.08.13 21:01:43 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\WinRAR
[2013.06.14 14:07:30 | 000,000,000 | ---D | M] -- C:\Users\Martina\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2009.12.12 15:25:12 | 000,217,259 | ---- | M] () -- C:\Users\Martina\AppData\Roaming\PremeforWindows7\EngineHow.exe
[2013.02.10 12:41:15 | 001,051,984 | ---- | M] (BitTorrent Inc.) -- C:\Users\Martina\AppData\Roaming\uTorrent\uTorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.12.27 11:19:07 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2013.12.27 11:29:13 | 000,000,938 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.12.27 12:10:08 | 000,000,942 | ---- | M] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.12.26 18:45:01 | 000,009,696 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.26 18:45:01 | 000,009,696 | -H-- | M] () -- C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.25 14:31:30 | 000,002,577 | ---- | M] () -- C:\windows\system32\config.nt
[2013.12.26 18:33:50 | 000,122,148 | ---- | M] () -- C:\windows\system32\perfc005.dat
[2013.12.26 18:33:50 | 000,106,622 | ---- | M] () -- C:\windows\system32\perfc009.dat
[2013.12.26 18:33:50 | 000,631,526 | ---- | M] () -- C:\windows\system32\perfh005.dat
[2013.12.26 18:33:50 | 000,616,242 | ---- | M] () -- C:\windows\system32\perfh009.dat
[2013.12.26 18:33:50 | 001,470,298 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.12.07 07:55:04 | 000,006,820 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\Search Results Toolbar\Datamngr\SRTOOL~1\chrome\skin\lib\panels\images\ajax-loader.gif.vir
[2010.09.01 09:49:08 | 000,014,666 | ---- | M] () -- \Program Files\ASUS\ASUS WebStorage\3.0.108.222\panel\assets\images\uploader_photo.png
[2010.09.14 08:15:20 | 000,000,946 | ---- | M] () -- \Program Files\ASUS\ASUS WebStorage\3.0.108.222\panel\assets\images\uploader_title.png
[2010.09.01 09:49:08 | 000,014,666 | ---- | M] () -- \Program Files\ASUS\ASUS WebStorage\3.0.84.161\panel\assets\images\uploader_photo.png
[2010.09.14 08:15:20 | 000,000,946 | ---- | M] () -- \Program Files\ASUS\ASUS WebStorage\3.0.84.161\panel\assets\images\uploader_title.png
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\apps\facebook\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\apps\facebooklike\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\apps\fbsharedservices\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\apps\featured\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\apps\games\7.1.361\js\shared\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\apps\chat\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Program Files\Microsoft\BingBar\7.1.361.0\scripts\io\downloader.js
[2009.07.20 10:52:26 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2009.07.20 10:52:26 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.1.361\js\downloader.js
[2012.11.13 13:57:20 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\Facebook_76c7b5062c4e4be69d843ace834517ec\7.2.224\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.1.361\js\downloader.js
[2012.02.20 11:15:30 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\FacebookLike_08e57417866d4faa981702780b0d36c4\7.2.101\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.1.361\js\downloader.js
[2012.02.20 11:15:30 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\fbsharedservices_bb9c6e8b961d477e9ec95f9698bde610\7.2.101\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\Featured_ce53daa069a4a3ad2e3d7d81081f340d\7.1.361\js\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\Games_6e70de9fd0324919b424492c3e6a043d\7.1.361\js\shared\downloader.js
[2012.01.31 15:16:24 | 000,006,643 | ---- | M] () -- \Users\Martina\AppData\Local\Microsoft\BingBar\Apps\Chat_cf57b0088a3b4f61a0bfaad0ba784240\7.1.361\js\downloader.js
[2011.06.25 12:17:42 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.26 19:17:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.26 19:17:12 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.26 19:17:12 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.06.23 10:36:33 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.06.23 10:36:33 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.06.23 10:36:33 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.26 19:13:53 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2013.01.16 13:47:30 | 000,026,464 | ---- | M] () -- \AdwCleaner\Quarantine\C\Program Files\Uniblue\DriverScanner\ds_move_serial.exe.vir
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.10 19:13:19 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.04.15 03:20:46 | 000,415,592 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.15 03:20:46 | 000,141,168 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.15 03:20:46 | 000,321,376 | ---- | M] () -- \Program Files\Windows Live\Mesh\System.Xml.Serialization.dll
[2013.03.29 17:12:34 | 000,000,389 | ---- | M] () -- \Users\Martina\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serial-online.cz%2Ffavicon.png
[2013.02.18 17:25:51 | 000,000,673 | ---- | M] () -- \Users\Martina\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialycz.cz%2Fwp-content%2Fuploads%2Ffavicon1.png
[2013.02.13 21:42:24 | 000,000,581 | ---- | M] () -- \Users\Martina\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serialzone.cz%2Ffavicon.png
[2009.07.26 19:15:57 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 16:59:41 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.16 10:13:01 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.10.10 21:08:56 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013.08.14 21:23:19 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.07.10 20:20:38 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2010.03.18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2011.06.29 05:46:51 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.10.10 19:01:31 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2011.06.29 05:46:50 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.10.10 19:01:25 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.10 19:01:50 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 01:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 01:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.26 19:15:39 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2013.12.26 19:12:18 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys.bak
[2009.07.26 19:16:06 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.26 19:16:57 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 04:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.26 19:13:37 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 04:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 04:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.26 19:15:57 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.26 19:16:18 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.26 19:15:31 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.26 19:15:39 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.26 19:16:19 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.26 19:16:06 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[...:::Monika:::...]

OTL Extras logfile created on: 27.12.2013 11:17:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martina\Desktop
Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,18 Mb Total Physical Memory | 216,57 Mb Available Physical Memory | 21,35% Memory free
1,99 Gb Paging File | 0,78 Gb Available in Paging File | 39,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 100,00 Gb Total Space | 44,94 Gb Free Space | 44,94% Space Free | Partition Type: NTFS
Drive D: | 117,87 Gb Total Space | 56,91 Gb Free Space | 48,28% Space Free | Partition Type: NTFS

Computer Name: MARTINA-PC | User Name: Martina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3EB4C665-607C-4C42-BBFE-03C6CE5470D1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E6AC8C67-383C-4A53-9D99-802102C6D7B7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F8FEF224-4A2E-4E86-8740-2BDE1CAFFA36}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01808B00-9410-41D6-8D9A-550DA37A69B6}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{26576701-5FFF-4AD0-BCCA-4F60543BC634}" = protocol=17 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{4A65CE27-B855-42CD-9EAF-3AC197528DF0}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{56EFEC78-4D16-401E-88BE-E8C276C0AAE2}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{5E14239D-8432-4DD3-B07D-43E540D9E1AF}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{62BFFFB2-8BA2-4D44-8FDC-29B69064CBC2}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{6A91526A-0DCB-4DC9-A64D-2B6D6869FD8F}" = protocol=17 | dir=in | app=c:\users\martina\appdata\roaming\utorrent\utorrent.exe |
"{727B38A2-0127-4D6B-AD78-9E38BEF26C21}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{78678282-C26C-414B-85AE-717FEF579A09}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{876B4D53-1F61-41CA-80EE-5F7C75410320}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{AE29646A-8BE1-4C37-B9FB-60C22A45C2FA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{AFF03420-05E3-4649-B934-13F96D740DA3}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{BDE583D5-2F09-478F-8193-68B307FAAB9E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{C1DD45A9-EAD4-4F1B-B5F0-AD488688BC00}" = protocol=6 | dir=in | app=c:\program files\search results toolbar\datamngr\srtool~1\dtuser.exe |
"{CF2A38E7-14C3-4192-9815-DDCC3A1BE704}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D2014648-D90F-4883-8CEA-5272E2386FB7}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{D2F69FAD-51FC-465D-B81F-86D16044D37E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF5AF517-7306-4FD1-B394-46EDE0936746}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F3B62AD8-5E35-425A-BF75-C5E91E93F736}" = protocol=6 | dir=in | app=c:\users\martina\appdata\roaming\utorrent\utorrent.exe |
"{FE61F3F7-C5FC-4D22-95D2-43960DFA8E79}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{018FB449-129E-4CE6-B5E7-68FE34FB5BBA}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |
"UDP Query User{F8BC09E3-19EC-4205-836B-8C2F067E077F}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C6994E1-3AE1-4CDD-A760-1628E6B8CD03}" = Windows Live Family Safety
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"{185AFA7A-F63E-450B-94AA-011CAC18090E}" = E-Cam
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{201B5096-AF6E-423E-B987-023E040D9B42}" = Windows Live Remote Service Resources
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java(TM) 6 Update 34
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36DA8767-9BE9-4ACF-8679-958D6379F22C}" = Vodafone Mobile Connect Lite
"{38E5A3B1-ADF1-47E0-8024-76310A30EB36}" = LiveUpdate
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}" = Windows Live Remote Service Resources
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B5092B6-F231-4D18-83BC-2618B729CA45}" = CapsHook
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{543E6ACA-51B7-4283-82F2-57C0582A53C5}" = Windows Live UX Platform Language Pack
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate for Eee PC
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6333FC29-BFE5-4024-AC78-958A1A7555D1}" = EeeSplendid
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B0A2ECE-E4C6-4BA3-AE9D-8B827F03B992}" = Windows Live UX Platform Language Pack
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C0E38E-09F2-4386-9977-404D4F6640CD}" = Hotkey Service
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80bc80c0-3a6b-4631-8649-7d6c308dfb3d}" = Nero 9 Essentials
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{859D40CF-8491-44AD-8FA8-7389CB418C64}" = 32 Bit HP CIO Components Installer
"{88F08F98-12BC-4613-81A2-8F9B88CFC73E}" = Super Hybrid Engine
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT2860 Wireless LAN Card
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A27DED03-CADE-4847-97D8-B198A8E57F3E}" = Windows Live Family Safety
"{A4C16B19-10AA-4990-AA87-D14F653E3345}" = Windows Live Remote Client Resources
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.5 MUI
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{Anticky Rim}_is1" = Antický Řím 1.0
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{Brana svetu - cesta za horizont}_is1" = Brána světů - cesta za horizont 1.0
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C30628D8-D3A0-4F23-90F0-F145808087B6}" = Windows Live Remote Client Resources
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{Cesta za dobrodruzstvim - Na stope duchum}_is1" = Cesta za dobrodružstvím - Na stopě duchům 1.0
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D44AA979-47C2-4BC0-A860-09A54224EA44}_is1" = Game Park Console
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D802DD00-16A8-4A58-AFC9-020C2380ECDA}" = EeeSplendid
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEDF8BAB-98D7-4CFA-9C42-27431EC4BD1F}" = Windows Live Remote Service Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1629C45-9CEF-498E-83CD-D6A09CADA176}" = Windows Live Remote Client Resources
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D2DEDC-4732-4188-8A3A-1A3FFBD4D6C8}" = ebi.BookReader3J
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F5675628-5C85-4BB6-A61E-C19CCEE50D11}" = Windows Live Family Safety
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"7-Zip" = 7-Zip 9.21beta
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"avast" = avast! Free Antivirus
"B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE" = Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403)
"B5C82F3814F82FB37F1513B3185399BD88892B08" = Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Brána do budoucnosti" = Brána do budoucnosti
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DivX Setup" = DivX Setup
"Eee Docking_is1" = Eee Docking 3.8.1
"Elantech" = ETDWare PS/2-x86 7.0.5.13_WHQL
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Fire Screensaver" = Free Fire Screensaver
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ilividtoolbargaw" = Search-Results Toolbar
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}" = FontResizer
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = LG CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LG CyberLink LabelPrint
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Oceanis Change Background Windows 7_is1" = Oceanis Change Background Windows 7
"Opera 12.16.1860" = Opera 12.16
"Psani na stroji_is1" = psani beta version 1.0.3.0
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1871618965-4188525786-3471104996-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3 Tor" = 3 Tor

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.5.2013 5:31:42 | Computer Name = Martina-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 19.5.2013 3:48:38 | Computer Name = Martina-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 22.5.2013 15:50:41 | Computer Name = Martina-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 24.5.2013 11:29:01 | Computer Name = Martina-PC | Source = VSS | ID = 8194
Description =

Error - 24.5.2013 11:30:25 | Computer Name = Martina-PC | Source = Application Hang | ID = 1002
Description = Program SetupX.exe verze 4.4.10.103 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1a5c Čas spuštění: 01ce58934c625519 Čas ukončení: 32 Cesta k aplikaci: C:\Users\Martina\AppData\Local\Temp\nro.tmp\SetupX.exe

ID
hlášení: cc6fd01c-c486-11e2-a1d5-f46d04221a27

Error - 24.5.2013 11:36:02 | Computer Name = Martina-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Aplikaci nebo službu Nero BackItUp Scheduler 4.0 nelze restartovat.

Error - 24.5.2013 11:39:24 | Computer Name = Martina-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Aplikaci nebo službu IPC logging process nelze ukončit.

Error - 24.5.2013 11:48:02 | Computer Name = Martina-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: SetupX.exe, verze: 4.4.10.103, časové razítko:
0x4a575b5e Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.17725, časové razítko:
0x4ec49b60 Kód výjimky: 0xc0000374 Posun chyby: 0x000c380b ID chybujícího procesu:
0x1c84 Čas spuštění chybující aplikace: 0x01ce58952d859306 Cesta k chybující aplikaci:
C:\Users\Martina\AppData\Local\Temp\nro.tmp\SetupX.exe Cesta k chybujícímu modulu:
C:\windows\SYSTEM32\ntdll.dll ID zprávy: 507e6607-c489-11e2-a1d5-f46d04221a27

Error - 24.5.2013 15:26:07 | Computer Name = Martina-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 26.5.2013 6:03:11 | Computer Name = Martina-PC | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

[ System Events ]
Error - 25.12.2013 16:51:25 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo
se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat
službu.

Error - 25.12.2013 16:51:27 | Computer Name = Martina-PC | Source = DCOM | ID = 10010
Description =

Error - 25.12.2013 16:51:57 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7038
Description = Služba Spooler se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně
konfigurovaným heslem z důvodu následující chyby: %%50 Chcete-li zajistit správnou
konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 25.12.2013 16:51:57 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7000
Description = Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující
chyby: %%1069

Error - 25.12.2013 16:52:52 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 26.12.2013 5:49:12 | Computer Name = Martina-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Internet Explorer 11 pro Windows 7.

Error - 26.12.2013 5:52:24 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 26.12.2013 13:37:40 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: cdrom

Error - 26.12.2013 22:55:34 | Computer Name = Martina-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).

Error - 27.12.2013 6:17:45 | Computer Name = Martina-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Instalace se nezdařila: Instalování následující aktualizace se nezdařilo
z důvodu chyby (0x80070643): Internet Explorer 11 pro Windows 7.


< End of report >

Počkám, práce je práce.

[Márty84]

Počkám, práce je práce.

No jo no, nekdo ty tramvaje pilotovat musi



Najdete tento soubor C:\ProgramData\vtqjv7t.fee a otestujte ho na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.

Najdete tento soubor C:\ProgramData\vtqjv7t.odd a otestujte ho na virustotal a jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Vysledky sem zkopirujte, nebo dejte odkaz.


Pozor na velikost plochy, nemela by mit vic nez 200-300 MB.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
Nero BackItUp Scheduler 4.0
BBUpdate
BBSvc
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\windows\Temp\*.tmp files -> C:\windows\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"DivXUpdate"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[...:::Monika:::...]

Zdravím vás, dnes se mi nějak nedaří. Ten první soubor, co jsem měla testovat na jotti, tak jsem tam měla stále, že je soubor odesílán a nic se nedělo a to dost dlouho. Na druhém odkaze virustotal.com tam mi to sdělilo, že je soubor příliš velký, no a na tom posledním scanner.virus.org jsem nevěděla co s tím.

[...:::Monika:::...]

Výsledek druhého souboru:
File already analysed

This file was already analysed by VirusTotal on 2013-12-27 21:14:21 .

Detection ratio: 0/48

You can take a look at the last analysis or analyse it again now.
 Warning! You submitted an empty file (0 bytes size), please make sure no
software on your computer is preventing the upload (e.g. antivirus quarantine).

[Márty84]

Pokracujte tedy OTLkem

[...:::Monika:::...]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Martina
->Temp folder emptied: 2430930 bytes
->Temporary Internet Files folder emptied: 318947 bytes
->Java cache emptied: 7293965 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 9010895 bytes
->Flash cache emptied: 5902 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 11611618 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 9754616 bytes

Total Files Cleaned = 39,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Martina
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
Service BBUpdate stopped successfully!
Service BBUpdate deleted successfully!
Service BBSvc stopped successfully!
Service BBSvc deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
Invalid CLSID key: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1BAC.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F69.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE4B3.tmp\Microsoft.Build.Tasks.dll deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE4B3.tmp folder deleted successfully.
C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE9A5.tmp folder deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12272013_225338

Files\Folders moved on Reboot...
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File\Folder C:\windows\temp\_avast_\Webshlock.txt not found!
C:\windows\temp\HS.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[...:::Monika:::...]

Tak ještě zálohujeme data, píše mi to ještě tak hodinu. To abyste si nemyslel, že mi to dlouho trvá. A když zálohuju na externí disk nepřetáhnu si tam něco z toho, co dáváme pryč?

[...:::Monika:::...]

Tady je výsledek

ComboFix 13-12-26.01 - Martina 28.12.2013 1:21.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.272 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-28 do 2013-12-28 )))))))))))))))))))))))))))))))
.
.
2013-12-27 21:53 . 2013-12-27 21:53 -------- d-----w- C:\_OTL
2013-12-27 21:05 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E293DE6-ABE5-4936-9D05-7227C944EA66}\mpengine.dll
2013-12-25 21:04 . 2013-12-25 21:04 -------- d-----w- c:\users\Martina\AppData\Roaming\Malwarebytes
2013-12-25 21:04 . 2013-12-25 21:04 -------- d-----w- c:\programdata\Malwarebytes
2013-12-25 20:26 . 2013-12-25 20:51 -------- d-----w- C:\AdwCleaner
2013-12-25 19:54 . 2013-12-25 19:56 -------- d-----w- C:\rsit
2013-12-25 13:10 . 2013-12-25 13:16 -------- d-----w- c:\users\Martina\AppData\Local\ElevatedDiagnostics
2013-12-11 23:00 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 23:00 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 22:55 . 2013-10-25 04:45 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-12-11 22:55 . 2013-10-25 05:22 770736 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-12-11 18:35 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 18:35 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 18:35 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 18:35 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 18:35 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 18:35 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 18:35 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 18:35 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 18:35 . 2013-10-30 01:27 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 18:35 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 18:35 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-26 18:12 . 2013-12-26 17:59 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 16384 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 14912 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 35968 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19008 ----a-w- c:\windows\system32\drivers\wimmount.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 9728 ----a-w- c:\windows\system32\drivers\wfplwf.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19024 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 63488 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 35328 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 21632 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 14336 ----a-w- c:\windows\system32\drivers\vwifimp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 48128 ----a-w- c:\windows\system32\drivers\vwififlt.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19968 ----a-w- c:\windows\system32\drivers\vwifibus.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 141904 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 297040 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 245632 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53120 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53328 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 52736 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 16976 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 111616 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 160128 ----a-w- c:\windows\system32\drivers\vhdmp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 32832 ----a-w- c:\windows\system32\drivers\vdrvroot.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 76288 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 26112 ----a-w- c:\windows\system32\drivers\usbrpm.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19968 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 284672 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 6016 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 8192 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 39936 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 57424 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 55888 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 246784 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53120 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 108544 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 74752 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 21504 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53632 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 12240 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 21072 ----a-w- c:\windows\system32\drivers\stexstor.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 148864 ----a-w- c:\windows\system32\drivers\storport.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 310272 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 405504 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 311808 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 71168 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 17472 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 77888 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 52304 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 40016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 13824 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 11264 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 140160 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 26624 ----a-w- c:\windows\system32\drivers\scfilter.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 85376 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 1015912 ----a-w- c:\windows\system32\drivers\rtl8192se.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 3084256 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 60928 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 173440 ----a-w- c:\windows\system32\drivers\rdyboost.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 129536 ----a-w- c:\windows\system32\drivers\rfcomm.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 7168 ----a-w- c:\windows\system32\drivers\RDPREFMP.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 6656 ----a-w- c:\windows\system32\drivers\RDPENCDD.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 75264 ----a-w- c:\windows\system32\drivers\rassstp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 242688 ----a-w- c:\windows\system32\drivers\rdbss.sys.bak
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"="AsusSender.exe" [2010-09-08 34728]
"HotkeyService"="AsusSender.exe" [2010-09-08 34728]
"SuperHybridEngine"="AsusSender.exe" [2010-09-08 34728]
"CapsHook"="AsusSender.exe" [2010-09-08 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-06-10 414384]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-12-22 2018032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 174360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 150808]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-10-29 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 58680]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 19:04 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 193.179.144.2 194.12.32.253
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ilividtoolbargaw - c:\progra~1\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrueSight]
"ImagePath"="\??\"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-12-28 01:46:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-28 00:46
.
Před spuštěním: Volných bajtů: 48 131 399 680
Po spuštění: Volných bajtů: 47 758 057 472
.
- - End Of File - - 80D1D4632EAFA6D81938DF639611FDA0
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Vypnete trvale Windows Defender


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[Márty84]

Tak ještě zálohujeme data, píše mi to ještě tak hodinu. To abyste si nemyslel, že mi to dlouho trvá. A když zálohuju na externí disk nepřetáhnu si tam něco z toho, co dáváme pryč?

Zapomnel jsem odpovedet, ale stejne v dobe, kdy jsem to cetl, uz jste to davno mela, takze spis jen pro info

Tou zalohou dulezitych dat jsem myslel hlavne fotky, dokumenty, pisnicky atd. Tim by se nemelo pretahnout nic. Pokud tam ale pretahujete cely disk, tak samozrejme neco preskocit muze

[...:::Monika:::...]

Zdravím vás a přeji hezký den, zálohovali jsme jen složky s fotkama atd...
Tady je další výsledek:

ComboFix 13-12-26.01 - Martina 28.12.2013 10:31:39.2.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.420.1029.18.1014.289 [GMT 1:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martina\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-28 do 2013-12-28 )))))))))))))))))))))))))))))))
.
.
2013-12-28 09:46 . 2013-12-28 09:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-28 00:31 . 2013-12-28 00:31 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E293DE6-ABE5-4936-9D05-7227C944EA66}\offreg.dll
2013-12-27 21:53 . 2013-12-27 21:53 -------- d-----w- C:\_OTL
2013-12-27 21:05 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E293DE6-ABE5-4936-9D05-7227C944EA66}\mpengine.dll
2013-12-25 21:04 . 2013-12-25 21:04 -------- d-----w- c:\users\Martina\AppData\Roaming\Malwarebytes
2013-12-25 21:04 . 2013-12-25 21:04 -------- d-----w- c:\programdata\Malwarebytes
2013-12-25 20:26 . 2013-12-25 20:51 -------- d-----w- C:\AdwCleaner
2013-12-25 19:54 . 2013-12-25 19:56 -------- d-----w- C:\rsit
2013-12-25 13:10 . 2013-12-25 13:16 -------- d-----w- c:\users\Martina\AppData\Local\ElevatedDiagnostics
2013-12-11 23:00 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-11 23:00 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-11 22:55 . 2013-10-25 04:45 1767936 ----a-w- c:\windows\system32\wininet.dll
2013-12-11 22:55 . 2013-10-25 05:22 770736 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2013-12-11 18:35 . 2013-10-30 02:19 301568 ----a-w- c:\windows\system32\msieftp.dll
2013-12-11 18:35 . 2013-10-19 01:36 159232 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-11 18:35 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 18:35 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 18:35 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 18:35 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 18:35 . 2013-11-23 18:26 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-11 18:35 . 2013-11-12 02:07 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-11 18:35 . 2013-10-30 01:27 2349056 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 18:35 . 2013-10-04 01:49 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 18:35 . 2013-10-04 01:17 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-26 18:12 . 2013-12-26 17:59 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 16384 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 14912 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 35968 ----a-w- c:\windows\system32\drivers\winusb.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19008 ----a-w- c:\windows\system32\drivers\wimmount.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 9728 ----a-w- c:\windows\system32\drivers\wfplwf.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19024 ----a-w- c:\windows\system32\drivers\wd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 63488 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 35328 ----a-w- c:\windows\system32\drivers\watchdog.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 21632 ----a-w- c:\windows\system32\drivers\wacompen.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 14336 ----a-w- c:\windows\system32\drivers\vwifimp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 48128 ----a-w- c:\windows\system32\drivers\vwififlt.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19968 ----a-w- c:\windows\system32\drivers\vwifibus.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 141904 ----a-w- c:\windows\system32\drivers\vsmraid.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 297040 ----a-w- c:\windows\system32\drivers\volmgrx.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 245632 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53120 ----a-w- c:\windows\system32\drivers\volmgr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53328 ----a-w- c:\windows\system32\drivers\VIAAGP.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 52736 ----a-w- c:\windows\system32\drivers\viac7.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 16976 ----a-w- c:\windows\system32\drivers\viaide.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 111616 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 160128 ----a-w- c:\windows\system32\drivers\vhdmp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 32832 ----a-w- c:\windows\system32\drivers\vdrvroot.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 26112 ----a-w- c:\windows\system32\drivers\vgapnp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 25088 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 146816 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 76288 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 36352 ----a-w- c:\windows\system32\drivers\usbscan.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 26112 ----a-w- c:\windows\system32\drivers\usbrpm.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 19968 ----a-w- c:\windows\system32\drivers\usbprint.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 284672 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 6016 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 25856 ----a-w- c:\windows\system32\drivers\USBCAMD2.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 25856 ----a-w- c:\windows\system32\drivers\USBCAMD.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 8192 ----a-w- c:\windows\system32\drivers\umpass.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 39936 ----a-w- c:\windows\system32\drivers\umbus.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 57424 ----a-w- c:\windows\system32\drivers\ULIAGPKX.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 55888 ----a-w- c:\windows\system32\drivers\UAGP35.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 246784 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53120 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 108544 ----a-w- c:\windows\system32\drivers\tunnel.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 74752 ----a-w- c:\windows\system32\drivers\tdx.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 21504 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 24576 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 53632 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 12240 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 21072 ----a-w- c:\windows\system32\drivers\stexstor.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 148864 ----a-w- c:\windows\system32\drivers\storport.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 310272 ----a-w- c:\windows\system32\drivers\srv2.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 405504 ----a-w- c:\windows\system32\drivers\spsys.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 311808 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 71168 ----a-w- c:\windows\system32\drivers\smb.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 17472 ----a-w- c:\windows\system32\drivers\spldr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 17408 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 77888 ----a-w- c:\windows\system32\drivers\sisraid4.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 52304 ----a-w- c:\windows\system32\drivers\SISAGP.SYS.bak
2013-12-26 18:12 . 2013-12-26 17:59 40016 ----a-w- c:\windows\system32\drivers\sisraid2.sys.bak
2013-12-26 18:12 . 2013-12-26 17:59 13824 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 19968 ----a-w- c:\windows\system32\drivers\sermouse.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 12288 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 11264 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 83456 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 17920 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 140160 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 26624 ----a-w- c:\windows\system32\drivers\scfilter.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 85376 ----a-w- c:\windows\system32\drivers\sbp2port.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 1015912 ----a-w- c:\windows\system32\drivers\rtl8192se.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 3084256 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 8192 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 60928 ----a-w- c:\windows\system32\drivers\rspndr.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 173440 ----a-w- c:\windows\system32\drivers\rdyboost.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 129536 ----a-w- c:\windows\system32\drivers\rfcomm.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 117760 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 7168 ----a-w- c:\windows\system32\drivers\RDPREFMP.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 6656 ----a-w- c:\windows\system32\drivers\RDPENCDD.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 75264 ----a-w- c:\windows\system32\drivers\rassstp.sys.bak
2013-12-26 18:12 . 2013-12-26 17:58 242688 ----a-w- c:\windows\system32\drivers\rdbss.sys.bak
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-03-29 222128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"="AsusSender.exe" [2010-09-08 34728]
"HotkeyService"="AsusSender.exe" [2010-09-08 34728]
"SuperHybridEngine"="AsusSender.exe" [2010-09-08 34728]
"CapsHook"="AsusSender.exe" [2010-09-08 34728]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-06-10 414384]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-27 9177632]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-06-10 548744]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-12-22 2018032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-19 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-19 174360]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-19 150808]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-10-29 549040]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 58680]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-06 19:04 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 193.179.144.2 194.12.32.253
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TrueSight]
"ImagePath"="\??\"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-12-28 10:53:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-28 09:53
ComboFix2.txt 2013-12-28 00:46
.
Před spuštěním: Volných bajtů: 47 964 012 544
Po spuštění: Volných bajtů: 47 947 874 304
.
- - End Of File - - ACE15161DAC7F8F7EA16A57EC8A1333F
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Zdravím vás a přeji hezký den, zálohovali jsme jen složky s fotkama atd...

Vam take krasny den Nevim jak u vas, ale tady v Ostrave to vypada ze je jaro
V tom pripade by nemel byt problem. Navic aspon mate zalohu Fotky se maji zalohovat stale, i kdyz pc nezlobi



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.