OTL logfile created on: 22.2.2014 20:29:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Tomik\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 79,87% Memory free
4,84 Gb Paging File | 4,29 Gb Available in Paging File | 88,65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 83,78 Gb Free Space | 56,21% Space Free | Partition Type: NTFS
Computer Name: PC | User Name: Tomik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.02.22 20:27:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomik\Plocha\OTL.exe
PRC - [2014.02.20 02:03:06 | 000,859,464 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.12.20 16:45:32 | 000,807,696 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-Agent.exe
PRC - [2013.12.20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe
PRC - [2013.05.09 09:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.02.25 20:54:00 | 000,046,592 | ---- | M] (AlcaTech) -- C:\WINDOWS\system32\mmrtkrnl.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2014.02.22 14:39:38 | 002,272,768 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14022201\algo.dll
MOD - [2014.02.20 02:03:05 | 000,394,568 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppgooglenaclpluginchrome.dll
MOD - [2014.02.20 02:03:03 | 004,060,488 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
MOD - [2014.02.20 02:02:56 | 001,647,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
MOD - [2014.02.20 02:02:54 | 000,051,016 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
MOD - [2014.02.13 13:15:43 | 000,027,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-LogRotatorService\81dcb7822a4fbf242d30fa924911e8fe\HD-LogRotatorService.ni.exe
MOD - [2014.02.13 13:15:31 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8cd995f00848816e3ec49dc326e3d49b\System.ServiceProcess.ni.dll
MOD - [2014.02.13 13:15:31 | 000,155,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\JSON\621beb6f8671bdd9e8298980124b4db2\JSON.ni.dll
MOD - [2014.02.13 13:14:59 | 001,358,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-Agent\3529f7cfa31228daaae83f2326d1ed64\HD-Agent.ni.exe
MOD - [2014.02.13 07:36:56 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014.02.13 07:35:23 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014.02.13 07:35:19 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014.02.13 07:35:06 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014.02.13 07:33:32 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014.02.13 07:33:19 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
========== Services (SafeList) ==========
SRV - [2013.12.20 16:44:22 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013.12.20 16:43:48 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013.12.11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.12.10 20:39:15 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.27 10:58:29 | 000,182,184 | ---- | M] (Oracle Corporation) [Disabled | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.05.09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.09.08 08:14:16 | 000,415,128 | ---- | M] (Cenega Czech) [Disabled | Stopped] -- C:\WINDOWS\System32\pr2aszab.exe -- (pr2aszab)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2013.12.20 16:44:00 | 000,106,256 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys -- (BstHdDrv)
DRV - [2013.06.28 09:41:10 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.06.28 09:41:10 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.06.28 09:41:10 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.05.09 09:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 09:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 09:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 09:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.05.09 09:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.05.02 05:23:42 | 000,153,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2013.05.02 05:23:42 | 000,136,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2013.05.02 05:23:42 | 000,130,248 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2013.05.02 05:23:42 | 000,032,064 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2013.05.02 05:23:42 | 000,017,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2012.06.11 19:57:18 | 006,629,888 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012.05.14 07:12:12 | 000,103,040 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.08.30 16:28:46 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.06.13 10:03:54 | 000,306,664 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.11.18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.09.08 08:13:39 | 000,069,272 | ---- | M] (Cenega Czech) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3aszab.sys -- (pe3aszab)
DRV - [2008.09.08 08:13:02 | 000,083,608 | ---- | M] (Cenega Czech) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pf2aszab.sys -- (pf2aszab)
DRV - [2008.09.08 08:12:24 | 000,068,256 | ---- | M] (Cenega Czech) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps7aszab.sys -- (ps7aszab)
DRV - [2007.04.16 20:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.com
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ie
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes\{573EA804-0C8A-4082-9CC6-57BCD326D7E2}: "URL" =
http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes\{65C0C007-4628-499F-8206-0C2ABC2F0233}: "URL" =
http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searcer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes\{79CB218A-C93B-45AA-B0AB-4E15F49DF3AA}: "URL" =
http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\SearchScopes\{D48B05C2-9420-461C-A987-2D832019351C}: "URL" =
http://asksearch.ask.com/redirect?clien ... earchTerms}&
IE - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft® DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Crash Bandicoot Online HD = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aamlbcjbejchalkkingolaibfgkkiinp\1.0_0\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Chrome YouTube Downloader = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.20_0\
CHR - Extension: VyhledávánĂ Google = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Stopky / ÄŤasovaÄŤ = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh\3.8_0\
CHR - Extension: Pretty Facebook Chat = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ihamlfilbdodiokndlfmmlpjlnopaobi\2.1_0\
CHR - Extension: P5 = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ipmkbdlfhobobejokomahgoielcfklld\1_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: MĹŻj motiv Chrome = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2014.02.22 20:12:48 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll" File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll" File not found
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\..\Toolbar\WebBrowser: (KMP Media Toolbar) - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\KMPV6\Passport.dll" File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [Realtime Audio Engine] C:\WINDOWS\System32\mmrtkrnl.exe (AlcaTech)
O4 - HKU\S-1-5-21-1409082233-1659004503-725345543-1003..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run File not found
O4 - HKU\S-1-5-21-1409082233-1659004503-725345543-1003..\Run: [Google+ Auto Backup] "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart File not found
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1659004503-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
http://windowsupdate.microsoft.com/wind ... 8553047531 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftup ... 8553082750 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EEBF846-DE8A-4490-9294-71ABA611BE57}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Tomik\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - Unable to read "AutoRun" value or value not present!
O32 - AutoRun File - [2013.05.14 18:16:38 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.02.22 20:27:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tomik\Plocha\OTL.exe
[2014.02.22 19:40:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomik\Plocha\RK_Quarantine
[2014.02.21 22:40:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomik\Data aplikací\Malwarebytes
[2014.02.21 22:40:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.02.21 14:21:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
[2014.02.21 14:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2014.02.21 13:46:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.02.21 12:51:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.02.21 12:51:37 | 000,000,000 | ---D | C] -- C:\rsit
[2014.02.13 07:31:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.02.08 21:58:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomik\Plocha\19872
[2014.02.01 21:35:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Tomik\Plocha\TOM NEMCINA 1.UNORA VECER SLOVICKA 300 SLOV
[2014.01.30 15:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Razer
[2014.01.30 15:11:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Razer
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.02.22 20:31:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.02.22 20:27:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tomik\Plocha\OTL.exe
[2014.02.22 20:09:29 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.02.22 19:40:05 | 003,817,984 | ---- | M] () -- C:\Documents and Settings\Tomik\Plocha\RogueKiller.exe
[2014.02.22 19:39:16 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.02.22 19:37:53 | 000,000,362 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.02.22 19:36:36 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.02.22 19:36:36 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.02.22 19:36:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.02.21 16:10:59 | 002,765,182 | ---- | M] () -- C:\Documents and Settings\Tomik\Plocha\ůjb.bmp
[2014.02.21 13:58:32 | 001,307,510 | ---- | M] () -- C:\Documents and Settings\Tomik\Plocha\xya.bmp
[2014.02.21 13:45:11 | 001,241,834 | ---- | M] () -- C:\Documents and Settings\Tomik\Plocha\adwcleaner.exe
[2014.02.13 19:47:55 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2014.02.13 07:37:40 | 000,458,798 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.02.13 07:37:40 | 000,441,552 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.02.13 07:37:40 | 000,090,974 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.02.13 07:37:40 | 000,071,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.02.13 07:33:57 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.02.10 21:37:14 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Tomik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.02.06 04:38:36 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2014.02.06 00:08:34 | 006,021,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2014.02.06 00:08:34 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2014.02.06 00:08:34 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2014.02.06 00:08:34 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2014.02.06 00:08:34 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2014.02.06 00:08:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2014.02.06 00:08:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2014.02.06 00:08:34 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2014.02.06 00:08:34 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2014.02.06 00:08:34 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2014.02.06 00:08:34 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2014.02.06 00:08:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2014.02.06 00:08:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2014.02.06 00:08:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2014.02.06 00:08:34 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2014.02.06 00:08:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2014.02.06 00:08:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2014.02.06 00:08:33 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2014.02.06 00:08:33 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2014.02.06 00:08:33 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2014.02.06 00:08:33 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2014.02.06 00:08:33 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2014.02.06 00:08:33 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2014.02.06 00:08:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2014.02.06 00:08:33 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2014.02.06 00:08:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2014.02.06 00:08:33 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2014.02.06 00:08:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2014.02.06 00:08:33 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2014.02.05 23:24:06 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2014.02.05 23:24:06 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2014.02.05 23:24:05 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.02.22 20:31:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.02.22 19:40:02 | 003,817,984 | ---- | C] () -- C:\Documents and Settings\Tomik\Plocha\RogueKiller.exe
[2014.02.21 16:10:58 | 002,765,182 | ---- | C] () -- C:\Documents and Settings\Tomik\Plocha\ůjb.bmp
[2014.02.21 13:58:26 | 001,307,510 | ---- | C] () -- C:\Documents and Settings\Tomik\Plocha\xya.bmp
[2014.02.21 13:45:23 | 001,241,834 | ---- | C] () -- C:\Documents and Settings\Tomik\Plocha\adwcleaner.exe
[2014.01.15 17:44:20 | 000,683,816 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.07.29 16:46:03 | 000,000,896 | RHS- | C] () -- C:\Documents and Settings\Tomik\ntuser.pol
[2013.06.28 09:41:15 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.26 20:02:14 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.26 20:02:14 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.05.22 19:43:48 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2013.05.22 19:43:48 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2013.05.22 19:43:48 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2013.05.22 19:43:48 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2013.05.21 16:35:24 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll
[2013.05.21 16:35:24 | 000,034,676 | ---- | C] () -- C:\WINDOWS\xobglu32.dll
[2013.05.18 13:54:50 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Tomik\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.15 17:29:37 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2013.05.15 17:29:37 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2013.05.15 17:29:37 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2013.05.15 17:29:37 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2013.05.15 17:29:37 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2013.05.15 17:29:37 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2013.05.15 17:29:37 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2013.05.15 17:29:37 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2013.05.15 17:29:37 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2013.05.15 17:29:37 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2013.05.15 17:29:37 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2013.05.15 17:29:37 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2013.05.15 17:29:37 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2013.05.15 17:29:37 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2013.05.15 17:29:37 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2013.05.15 17:29:37 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2013.05.14 20:06:26 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.05.14 20:04:21 | 000,128,504 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.14 20:02:35 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.05.14 20:02:35 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.05.14 19:53:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.05.14 19:53:51 | 000,637,743 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013.05.14 19:44:07 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Tomik\Local Settings\Data aplikací\fusioncache.dat
[2013.05.14 19:39:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.05.14 19:20:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.05.14 18:26:18 | 000,081,936 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2013.05.14 18:18:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.05.14 18:13:56 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
========== ZeroAccess Check ==========
[2013.05.14 19:23:09 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 07:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.07.29 16:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlcaTech
[2013.05.14 20:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.01.17 17:36:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlueStacks
[2014.01.17 17:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlueStacksSetup
[2013.05.16 19:40:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2014.01.30 15:11:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Razer
[2014.01.18 17:19:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.07.29 16:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\AlcaTech
[2013.06.07 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Firefly Studios
[2013.07.13 15:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\LolClient
[2013.05.14 21:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\OpenOffice.org
[2013.07.13 13:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Riot Games
[2014.01.18 17:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Samsung
[2013.12.14 11:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz
[2013.08.28 19:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\SFBot
[2013.06.14 19:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Software Informer
[2013.11.21 21:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Unity
[2013.12.14 10:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\uTorrent
[2013.05.14 19:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Windows Desktop Search
[2013.05.16 20:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Windows Search
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013.05.14 18:14:56 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.05.14 18:19:39 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.05.14 19:36:35 | 000,000,934 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.14 19:36:35 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.14 20:02:35 | 000,000,362 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.05.14 20:10:24 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
< >
< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 23:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.05.09 23:48:16 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 07:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 23:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2006.03.02 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 10:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 10:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0047\DriverFiles\i386\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[15 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[128 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.06.13 15:20:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Adobe
[2013.07.29 16:46:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\AlcaTech
[2013.05.14 19:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\ATI
[2013.06.07 21:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Firefly Studios
[2013.05.16 19:51:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\GRETECH
[2013.05.14 18:20:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Identities
[2013.05.15 17:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\InstallShield
[2013.07.13 15:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\LolClient
[2013.05.15 16:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Macromedia
[2014.02.21 22:40:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Malwarebytes
[2013.05.23 11:31:42 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Tomik\Data aplikací\Microsoft
[2013.05.14 21:49:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\OpenOffice.org
[2013.07.13 13:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Riot Games
[2014.01.18 17:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Samsung
[2013.12.14 11:02:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz
[2013.08.28 19:58:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\SFBot
[2014.02.22 11:12:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Skype
[2013.06.14 19:23:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Software Informer
[2013.05.14 20:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Sun
[2013.05.26 18:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\SUPERAntiSpyware.com
[2013.11.21 21:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Unity
[2013.12.14 10:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\uTorrent
[2013.12.11 19:16:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\vlc
[2013.05.14 19:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Windows Desktop Search
[2013.05.16 20:00:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\Windows Search
[2013.05.14 20:36:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Tomik\Data aplikací\WinRAR
< %APPDATA%\*.exe /s >
[2007.03.22 11:46:42 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe
[2013.03.21 10:26:26 | 001,061,960 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\szninstall.exe
[2013.03.27 13:09:44 | 002,582,600 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\sznsetup.exe
[2013.04.15 12:34:14 | 000,045,560 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\bin\szndesktop.exe
[2013.04.12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Tomik\Data aplikací\Seznam.cz\data\ffinstall\regctrl.exe
[2013.07.05 08:13:04 | 001,126,480 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Tomik\Data aplikací\uTorrent\uTorrent.exe
[2013.07.05 08:13:04 | 001,126,480 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Tomik\Data aplikací\uTorrent\updates\3.3.1_29812.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2013.05.14 20:03:29 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.05.14 20:03:29 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.05.14 20:03:29 | 000,491,520 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.02.22 19:36:36 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google+ Auto Backup" = "C:\Program Files\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 07:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"" = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.02.22 20:31:07 | 000,000,512 | ---- | M] () MD5=51D4A21C1D3BB7C8982FD76F029CA987 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2013.10.14 13:13:20 | 000,000,238 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\BlueStacks\UserData\InputMapper\com.fluik.PlumberCrack.cfg
[2013.10.14 13:13:20 | 000,000,680 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\BlueStacks\UserData\InputMapper\com.polarbit.crackingsands.cfg
[2013.10.14 13:13:20 | 000,000,679 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\BlueStacks\UserData\InputMapper\com.polarbit.crackingsandsads.cfg
[2014.02.06 17:18:05 | 000,015,770 | ---- | M] () -- \Program Files\Steam\SteamApps\common\dota 2 beta\dota\addons\nian\resource\flash3\images\items\firecrackers.png
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2013.03.26 13:13:12 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.03.26 13:13:12 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.10.09 17:07:12 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.10.09 17:07:12 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.03.26 13:13:12 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\
loader@2x.png
[2013.03.29 12:37:34 | 000,059,384 | ---- | M] () -- \Documents and Settings\Tomik\Data aplikací\Seznam.cz\bin\30388libfoxloader.dll
[2013.04.15 12:32:10 | 000,060,416 | ---- | M] () -- \Documents and Settings\Tomik\Data aplikací\Seznam.cz\bin\30391libfoxloader-x64.dll
[2013.05.17 19:48:34 | 000,000,165 | ---- | M] () -- \Documents and Settings\Tomik\Data aplikací\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.02.19 11:07:28 | 000,030,608 | ---- | M] () -- \Documents and Settings\Tomik\Data aplikací\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.25 15:27:20 | 000,000,665 | ---- | M] () -- \Documents and Settings\Tomik\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 15:27:26 | 000,000,117 | ---- | M] () -- \Documents and Settings\Tomik\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.05.21 19:57:49 | 000,098,116 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\chrome-youtube-downloader-2.6.5 (1).crx
[2013.12.25 14:58:02 | 000,002,867 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.20_0\css\Chrome-YouTube-Downloader.css
[2013.12.25 14:58:02 | 000,012,003 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.20_0\script\Chrome-YouTube-Downloader.js
[2013.05.14 19:39:13 | 000,001,748 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\images\loader.png
[2013.05.16 19:40:22 | 000,006,494 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\avg_a01892\ProgData\AVG Secure Search\FireFoxExt\13.2.0.3\modules\skin\ajax-loader.gif
[2013.05.16 19:40:22 | 000,000,729 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\avg_a01892\ProgData\AVG Secure Search\FireFoxExt\13.2.0.3\modules\skin\loader.gif
[2013.05.16 19:40:22 | 000,019,497 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\avg_a01892\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.05.16 19:40:36 | 000,006,494 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\avg_a03928\ProgData\AVG Secure Search\FireFoxExt\15.2.0.5\modules\skin\ajax-loader.gif
[2013.05.16 19:40:36 | 000,000,729 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\avg_a03928\ProgData\AVG Secure Search\FireFoxExt\15.2.0.5\modules\skin\loader.gif
[2013.05.16 19:40:36 | 000,019,497 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\avg_a03928\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2013.05.16 19:40:36 | 000,019,497 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temp\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2014.01.29 16:40:27 | 000,110,991 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temporary Internet Files\Content.IE5\LFL6FFVR\AdLoader-7b857a7be889bd57f92da60a9b6146bb.min[1].js
[2014.02.22 11:13:11 | 000,001,870 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temporary Internet Files\Content.IE5\LFL6FFVR\AdLoader[1].htm
[2014.02.18 18:33:31 | 000,111,819 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temporary Internet Files\Content.IE5\OAR12AH3\AdLoader-725aebe4743338ea770018ce780c157b.min[1].js
[2014.01.29 19:59:32 | 000,111,438 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temporary Internet Files\Content.IE5\OAR12AH3\AdLoader-8123c724cc0668230ba8270eea997632.min[1].js
[2014.02.18 16:47:04 | 000,001,537 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Temporary Internet Files\Content.IE5\X8029F16\AdLoader[1].htm
[2014.01.06 19:47:02 | 000,000,702 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2014.01.06 19:47:02 | 000,000,790 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_debug.fen
[2014.01.06 19:47:02 | 000,000,723 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_download.fen
[2014.01.06 19:47:02 | 000,000,694 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013.02.09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2014.01.06 19:47:04 | 000,000,634 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2014.01.06 19:47:04 | 000,002,283 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_onboard.fen
[2014.01.06 19:47:04 | 000,001,417 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_options.fen
[2014.01.06 19:47:04 | 000,001,330 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2014.01.06 19:47:04 | 000,002,541 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2014.01.06 19:47:04 | 000,002,109 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_prefs.fen
[2014.01.06 19:47:04 | 000,000,956 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2014.01.06 19:47:04 | 000,001,080 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2014.01.06 19:47:04 | 000,001,139 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2014.01.06 19:47:04 | 000,002,181 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_welcome.fen
[2012.08.13 09:52:58 | 000,006,081 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2014.02.16 15:53:38 | 000,005,437 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.pyc
[2013.05.14 20:22:31 | 000,020,992 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2012.08.13 10:04:18 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2013.05.14 20:22:36 | 000,029,696 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2012.08.13 09:12:36 | 000,003,868 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2013.02.19 11:07:28 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.10.23 21:07:40 | 000,007,825 | ---- | M] () -- \Program Files\Steam\remoteui\static\libs\images\ajax-loader.gif
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2014.01.18 15:27:53 | 000,071,894 | R--- | M] () -- \WINDOWS\Installer\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}\GPUploader.exe
[2014.01.04 12:03:57 | 000,071,894 | R--- | M] () -- \WINDOWS\Installer\{AF71B42D-3821-4376-9974-84E507F88EC0}\GPUploader.exe
[2013.12.30 22:05:42 | 000,071,894 | R--- | M] () -- \WINDOWS\Installer\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}\GPUploader.exe
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\777662\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\AMAXVS\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Assault2\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\evoV2\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\EyeBallXP2-rev\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Ferrari\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\FF-[]-X-[]-BOX\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\FF7\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\foreverblue\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Gamecube\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\GMAC\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Hitman47\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\ChaNinja\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Chromex\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\lambor2\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Lithium\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Onyx2\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\RedArmy\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Sentinel\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Temujin\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Vista Aero v1.1 rhp\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Vista LE 1.0\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\vista\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\XP3black\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\XtremeXP\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\Downloads\Nová složka\motivy do windows Xp\Zune Themes\serials.txt
[2009.08.07 21:04:48 | 000,000,033 | ---- | M] () -- \Documents and Settings\Tomik\Dokumenty\windows 7\serials.txt
[2013.10.30 18:21:37 | 000,000,024 | ---- | M] () -- \Documents and Settings\Tomik\Local Settings\Data aplikací\Google\Picasa2\cache\cacheindex_serial.pmp
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.10 21:32:48 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.09.26 23:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2006.03.02 13:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2013.05.14 19:23:40 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.05.14 19:44:45 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014.02.13 07:37:29 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.05.16 11:57:25 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 13:15:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 13:15:50 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2013.08.24 19:18:10 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.24 19:16:32 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.26 23:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 06:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 17:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Files - Unicode (All) ==========
[2013.06.05 11:33:17 | 000,000,000 | ---D | M](C:\Documents and Settings\Tomik\Data aplikac?) -- C:\Documents and Settings\Tomik\Data aplikac�
[2013.06.05 11:33:17 | 000,000,000 | ---D | M](C:\Documents and Settings\Tomik\Data aplikac?) -- C:\Documents and Settings\Tomik\Data aplikac�
(C:\Documents and Settings\Tomik\Data aplikac?) -- C:\Documents and Settings\Tomik\Data aplikac�
< End of report >
Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Přispějete na provoz fóra?
