Re: Preventivka
Napsal: 31 bře 2014 12:15
OTL logfile created on: 31.3.2014 8:22:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 317,20 Mb Available Physical Memory | 31,02% Memory free
2,40 Gb Paging File | 1,72 Gb Available in Paging File | 71,78% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 88,14 Gb Free Space | 47,31% Space Free | Partition Type: NTFS
Computer Name: AKADEMIC-4B9E5F | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.03.31 08:20:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2014.03.30 19:42:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.03.19 22:17:52 | 004,971,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.02.23 22:22:30 | 003,782,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013.12.05 13:48:12 | 000,680,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013.11.25 23:03:56 | 000,591,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013.11.25 23:00:24 | 000,892,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013.11.13 23:03:10 | 000,729,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013.09.24 02:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2012.07.02 09:11:14 | 002,498,048 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
========== Modules (No Company Name) ==========
MOD - [2014.03.30 19:42:19 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014.02.25 11:49:37 | 016,265,096 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014.02.12 21:24:01 | 011,906,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9c97ad1b12490d79\System.Web.ni.dll
MOD - [2014.02.12 21:22:01 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014.02.12 18:50:17 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2014.02.12 18:50:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014.02.12 18:40:18 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014.02.12 18:40:11 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014.02.12 18:39:52 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014.02.12 18:33:45 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014.02.12 18:33:17 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2012.07.02 09:11:30 | 000,198,144 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
MOD - [2012.07.02 09:11:14 | 002,498,048 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
MOD - [2012.06.17 15:22:08 | 000,012,800 | ---- | M] () -- C:\Program Files\Rainlendar2\lfs.dll
MOD - [2012.05.16 21:01:30 | 000,140,800 | ---- | M] () -- C:\Program Files\Rainlendar2\lua52.dll
MOD - [2010.12.12 12:58:14 | 000,502,784 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
MOD - [2010.12.12 12:58:00 | 000,131,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll
MOD - [2010.12.12 12:57:56 | 000,485,376 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll
MOD - [2010.12.12 12:57:44 | 000,707,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll
MOD - [2010.12.12 12:57:36 | 002,633,216 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll
MOD - [2010.12.12 12:56:46 | 001,205,760 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll
MOD - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
========== Services (SafeList) ==========
SRV - [2014.03.30 19:42:20 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.25 11:49:39 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.23 22:22:30 | 003,782,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.24 02:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2014.03.03 08:55:50 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014.02.19 09:05:20 | 005,630,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2014.02.19 09:05:19 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2014.02.19 09:05:18 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2014.01.19 22:46:54 | 000,022,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2014.01.10 10:39:05 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2014.01.10 10:38:13 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2014.01.10 10:36:32 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2013.11.25 22:56:22 | 000,210,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.11.25 22:56:22 | 000,149,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.11.25 22:49:18 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013.11.01 00:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013.10.31 23:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.10.01 01:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013.09.10 01:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.08.01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.06.17 15:59:14 | 000,099,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2006.09.28 11:47:48 | 000,283,776 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2006.08.16 08:25:30 | 000,016,899 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2006.08.03 00:07:50 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{0D0366FF-EB75-460C-86D5-23864494886A}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{0EE59C28-9895-425A-9A13-A0DE4AA2A736}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{84E2C1B1-5812-476C-B86A-390766081B32}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{F4CDEE68-BC8E-40EE-B3D4-7E7A7B6F6B27}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Amazon "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =198484&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.03.30 19:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.03.30 19:42:06 | 000,000,000 | ---D | M]
[2010.01.22 20:08:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2014.03.21 16:00:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\extensions
[2014.01.10 10:00:04 | 000,000,000 | ---D | M] (Start Page) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2014.03.07 12:40:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\z1eh0v4m.default\extensions
[2013.08.22 09:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profilesqb2igq9s.default\extensions
[2013.08.22 09:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profilesqb2igq9s.default\extensions\staged
[2014.01.07 08:21:43 | 000,002,048 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\searchplugins\mapycz.xml
[2014.02.25 12:10:08 | 000,008,061 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\searchplugins\yahoo_ff.xml
[2014.03.30 19:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014.03.30 19:42:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.30 19:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.03.30 19:41:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.30 19:42:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\AW97ZBH5.DEFAULT-1387454379203\EXTENSIONS\{58D2A791-6199-482F-A9AA-9B725EC61362}
[2011.03.21 08:22:04 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2012.08.14 12:43:37 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledávánĂ Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014.03.27 12:10:30 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1454471165-706699826-725345543-500..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-706699826-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 217
O7 - HKU\S-1-5-21-1454471165-706699826-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3943D08F-3712-4465-881C-98C6B78AAE86}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.28 19:45:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.03.31 08:20:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2014.03.30 20:23:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2014.03.30 19:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014.03.28 21:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
[2014.03.27 09:07:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014.03.27 09:07:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014.03.22 13:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\vzpomínky 1
[2014.03.15 21:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\maminka s Ferdou
[2014.03.13 11:25:43 | 000,000,000 | ---D | C] -- C:\rsit
[2014.03.13 10:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2014.03.11 10:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2014.03.11 10:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\MyPhoneExplorer
[2014.03.11 10:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
[2014.03.09 18:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Landi11
[2014.03.09 14:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Landi
[2014.03.09 14:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\landi 11
[2014.03.09 14:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Landi11-original
[2014.03.09 09:23:04 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.03.07 14:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2014.03.07 14:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.03.07 09:33:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.03.07 09:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.03.07 08:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2014.03.07 08:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.03.06 10:19:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\tasks\ImCleanDisabled
[2009.03.07 15:13:38 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player_10_active_x.exe
[2008.10.13 22:04:09 | 067,167,528 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunes801Setup.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.03.31 08:24:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.03.31 08:20:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2014.03.31 08:15:52 | 000,005,856 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014.03.31 08:04:43 | 000,494,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.03.31 08:04:43 | 000,489,094 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.03.31 08:04:43 | 000,098,466 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.03.31 08:04:43 | 000,084,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.03.31 08:02:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.03.31 08:02:17 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.31 08:00:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.31 08:00:04 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.30 18:47:54 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.27 12:10:30 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2014.03.27 09:45:50 | 003,945,472 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RogueKiller.exe
[2014.03.23 22:14:48 | 001,508,772 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\skříně.JPG
[2014.03.22 14:37:56 | 000,530,708 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110649.JPG
[2014.03.22 14:37:16 | 000,501,220 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110646.JPG
[2014.03.22 14:36:34 | 000,515,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110643.JPG
[2014.03.22 14:33:18 | 000,523,223 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110637.JPG
[2014.03.22 14:32:20 | 000,516,210 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110635.JPG
[2014.03.22 14:07:33 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110598.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110595.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110594.lnk
[2014.03.22 14:05:34 | 000,499,327 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110618.JPG
[2014.03.22 14:03:46 | 000,512,926 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110616.JPG
[2014.03.22 13:49:50 | 000,508,913 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110609.JPG
[2014.03.22 13:38:38 | 000,551,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110599.JPG
[2014.03.20 13:25:09 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2014.03.14 09:53:37 | 001,432,944 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.03.13 09:57:54 | 000,000,402 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140313_085737.reg
[2014.03.11 10:55:43 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2014.03.09 14:45:02 | 002,691,072 | ---- | M] ( ) -- C:\WINDOWS\ulandi.exe
[2014.03.09 14:45:02 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Landi 11.lnk
[2014.03.09 14:28:06 | 000,487,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2014.03.09 14:28:06 | 000,001,783 | ---- | M] () -- C:\WINDOWS\ST6UNST.000
[2014.03.09 14:28:05 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2014.03.09 09:22:39 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.03.09 09:20:47 | 000,054,544 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_082044.reg
[2014.03.09 09:06:06 | 000,003,402 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080603.reg
[2014.03.09 09:01:49 | 000,036,154 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080132.reg
[2014.03.07 07:48:21 | 000,000,080 | ---- | M] () -- C:\Documents and Settings\Administrator\rgmnr
[2014.03.03 08:57:36 | 000,000,000 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2014.03.03 08:55:50 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.03.31 08:24:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.03.28 21:42:02 | 000,000,238 | ---- | C] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.28 21:42:02 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.27 09:45:49 | 003,945,472 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RogueKiller.exe
[2014.03.23 22:46:43 | 001,508,772 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\skříně.JPG
[2014.03.22 14:07:33 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110598.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110595.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110594.lnk
[2014.03.22 14:06:42 | 000,499,327 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110618.JPG
[2014.03.22 14:06:21 | 000,512,926 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110616.JPG
[2014.03.22 14:05:48 | 000,508,913 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110609.JPG
[2014.03.22 14:04:56 | 000,551,873 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110599.JPG
[2014.03.22 14:01:33 | 000,523,223 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110637.JPG
[2014.03.22 13:56:39 | 000,530,708 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110649.JPG
[2014.03.22 13:56:39 | 000,516,210 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110635.JPG
[2014.03.22 13:56:39 | 000,515,873 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110643.JPG
[2014.03.22 13:56:39 | 000,501,220 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110646.JPG
[2014.03.20 13:24:46 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2014.03.13 09:57:39 | 000,000,402 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140313_085737.reg
[2014.03.11 10:55:43 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2014.03.09 14:45:02 | 002,691,072 | ---- | C] ( ) -- C:\WINDOWS\ulandi.exe
[2014.03.09 14:45:02 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Landi 11.lnk
[2014.03.09 14:28:04 | 004,879,917 | ---- | C] () -- C:\WINDOWS\VBR6.CAB
[2014.03.09 14:28:04 | 000,001,783 | ---- | C] () -- C:\WINDOWS\ST6UNST.000
[2014.03.09 09:20:45 | 000,054,544 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_082044.reg
[2014.03.09 09:06:05 | 000,003,402 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080603.reg
[2014.03.09 09:04:42 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.03.09 09:01:40 | 000,036,154 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080132.reg
[2014.03.03 08:57:36 | 000,000,000 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2014.02.24 22:56:14 | 001,950,097 | ---- | C] () -- C:\Documents and Settings\Administrator\scrypt130511GeForce 210glg2tc960w256l4.bin
[2014.02.23 13:02:21 | 000,000,080 | ---- | C] () -- C:\Documents and Settings\Administrator\rgmnr
[2014.01.28 10:53:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\swsys.dmp
[2014.01.28 10:39:44 | 000,010,498 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\lpm.dat
[2014.01.10 10:36:58 | 000,026,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2014.01.10 09:51:34 | 000,079,486 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2013.12.19 15:57:32 | 000,000,048 | ---- | C] () -- C:\WINDOWS\System32\09wutili.sys
[2013.12.18 21:04:59 | 001,127,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.12.18 21:04:58 | 001,127,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.12.18 21:04:58 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.12.18 20:54:49 | 003,556,824 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.12.18 20:25:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.09.07 19:16:50 | 000,202,002 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1454471165-706699826-725345543-500-0.dat
[2013.09.04 13:34:09 | 000,202,002 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.08.03 11:41:35 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2013.08.03 11:41:35 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2013.03.16 11:13:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini
[2013.01.26 10:47:53 | 000,000,324 | ---- | C] () -- C:\WINDOWS\game.ini
[2012.11.22 16:17:47 | 019,296,256 | ---- | C] () -- C:\Documents and Settings\Administrator\NTUSER.rhk
[2012.05.22 10:25:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.07.19 14:14:52 | 000,000,001 | R--- | C] () -- C:\Documents and Settings\Administrator\serverport
[2011.06.25 20:48:15 | 000,008,807 | ---- | C] () -- C:\Documents and Settings\Administrator\PlochaIMG_25062011_204815.png
[2011.02.24 13:04:44 | 020,364,702 | ---- | C] () -- C:\Program Files\vlc-1.1.7-win32.exe
[2011.01.26 18:16:41 | 000,000,302 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DelUnist.bat
[2009.03.07 15:15:18 | 004,566,456 | ---- | C] () -- C:\Program Files\Shockwave_Installer_Slim1103472.exe
[2008.04.28 22:45:26 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.28 22:21:42 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2008.04.28 21:02:04 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
========== ZeroAccess Check ==========
[2008.04.28 19:54:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.10.15 09:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2011.08.30 17:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ASUS
[2013.10.07 10:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2013.10.02 10:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG2014
[2013.10.10 14:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
[2013.10.29 07:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent Sync
[2011.10.18 00:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.12.15 15:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2012.06.21 13:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon Easy-WebPrint EX
[2011.02.19 11:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CloneSpy
[2012.01.09 10:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
[2013.04.19 16:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.06.19 08:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\go
[2013.04.19 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MiTeC
[2014.03.18 09:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2012.05.26 12:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Oracle
[2009.10.09 13:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2012.11.04 11:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.10.15 09:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\UDC Profiles
[2014.01.10 15:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Unity
[2013.10.29 13:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2011.11.27 19:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\XnView
[2011.11.27 21:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\xrecode2
[2013.09.04 11:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\1st EasySoft
[2013.10.07 10:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.02.26 12:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2012.05.22 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2012.06.21 13:41:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.09.20 18:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2012.06.29 21:14:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2013.09.20 18:48:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2014.01.29 21:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2012.06.29 21:10:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2013.09.20 18:54:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2011.03.15 08:56:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.06.19 08:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2014.01.30 18:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2014.03.27 23:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Landi11-original
[2014.03.30 18:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2009.07.13 23:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Musicnotes
[2014.03.04 10:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ProductData
[2014.01.30 18:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Razer
[2014.03.07 16:05:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\SAM
[2008.04.28 22:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2012.11.19 22:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.17 20:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2014.02.26 12:42:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.01.10 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.07.18 08:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013.10.07 12:00:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012.11.08 19:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2013.10.15 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2013.04.19 16:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Foxit Software
[2012.11.08 19:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Data aplikací\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2008.04.28 19:43:34 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008.04.28 19:49:39 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014.03.09 09:04:42 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2014.03.28 21:42:02 | 000,000,232 | ---- | C] () -- C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.28 21:42:02 | 000,000,238 | ---- | C] () -- C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
< >
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
[2004.08.18 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: VIAMRAID.SYS >
[2006.11.08 15:25:24 | 000,116,688 | R--- | M] (VIA Technologies inc,.ltd) MD5=68B41DFA083C2734340BA254532700F3 -- C:\Program Files\VIA\Setup\VIARaid\DRIVER\Raid\winnt40\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Program Files\VIA\Setup\VIARaid\DRIVER\Raid\winxp\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\WINDOWS\system32\DRVSTORE\viamraid_0B7BD2CE86023D524D8509B41571686ECF13C39F\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\viamraid.sys
[2014.01.10 10:38:41 | 000,116,608 | ---- | M] (VIA Technologies inc,.ltd) MD5=FB76853B1365C2B6687A132C2B4DEE18 -- C:\WINDOWS\system32\drivers\viamraid.sys
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2013.10.11 08:21:30 | 001,538,920 | ---- | M] (BitTorrent, Inc.) -- C:\BTSync.exe
[2013.08.22 09:43:18 | 000,073,728 | ---- | M] (Creative Technology Ltd.) -- C:\CtDrvIns.exe
[2013.08.22 09:42:58 | 001,310,920 | ---- | M] () -- C:\DriverGuide_Driver_Download_188702.exe
[2007.11.04 12:12:06 | 016,590,480 | ---- | M] () -- C:\jre-1_5_0_10-windows-i586-p.exe
[2001.05.24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2013.10.11 08:15:23 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\utorrent.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.05.31 11:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2008.05.09 15:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AdobeUM
[2008.05.03 15:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2010.10.15 09:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2009.12.12 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2008.08.02 21:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2011.08.30 17:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ASUS
[2008.04.28 20:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2013.10.07 10:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2013.10.02 10:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG2014
[2013.10.10 14:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
[2013.10.29 07:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent Sync
[2011.10.18 00:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.12.15 15:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2012.06.21 13:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon Easy-WebPrint EX
[2011.02.19 11:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CloneSpy
[2008.04.28 20:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CyberLink
[2014.01.28 10:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DivX
[2012.01.09 10:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
[2011.11.30 13:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2012.07.12 22:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FastStone
[2013.04.19 16:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.06.19 08:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\go
[2013.02.09 08:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2011.02.03 09:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2008.04.28 19:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2009.09.05 18:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2014.03.07 08:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2014.01.07 07:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2013.05.13 09:59:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2008.04.28 21:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft Web Folders
[2013.04.19 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MiTeC
[2010.01.22 20:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2014.03.18 09:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2009.11.13 18:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2014.02.24 22:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\NVIDIA
[2012.05.26 12:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Oracle
[2012.11.19 18:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Real
[2009.07.13 23:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sibelius Software
[2014.02.19 08:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2014.01.07 07:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2009.10.09 13:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2008.04.28 22:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2008.08.17 11:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Talkback
[2012.11.04 11:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2009.04.05 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\U3
[2010.10.15 09:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\UDC Profiles
[2014.01.10 15:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Unity
[2013.10.29 13:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2014.03.13 11:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2010.06.17 20:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2011.11.27 19:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\XnView
[2011.11.27 21:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\xrecode2
< %APPDATA%\*.exe /s >
[2013.10.10 13:33:18 | 001,125,464 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent\updates\7.8.1_29939.exe
[2011.12.05 21:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe
[2011.12.05 21:18:12 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Uninstall.exe
[2008.04.28 19:56:43 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
[2014.01.10 15:42:53 | 000,915,368 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Administrator\Data aplikací\Sun\Java\JRERunOnce.exe
[2013.10.11 08:17:24 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent\uTorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2003.01.01 01:21:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2003.01.01 01:21:05 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2003.01.01 01:21:05 | 000,499,712 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.03.31 08:15:52 | 000,005,856 | ---- | M] () -- C:\WINDOWS\system32\nvAppTimestamps
[2014.03.31 08:04:43 | 000,098,466 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2014.03.31 08:04:43 | 000,084,670 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2014.03.31 08:04:43 | 000,489,094 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2014.03.31 08:04:43 | 000,494,318 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2014.03.31 08:04:43 | 001,184,706 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2014.03.31 08:02:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
[2013.10.11 08:21:30 | 001,538,920 | ---- | M] (BitTorrent, Inc.) -- C:\BTSync.exe
[2013.08.22 09:43:18 | 000,073,728 | ---- | M] (Creative Technology Ltd.) -- C:\CtDrvIns.exe
[2013.08.22 09:42:58 | 001,310,920 | ---- | M] () -- C:\DriverGuide_Driver_Download_188702.exe
[2007.11.04 12:12:06 | 016,590,480 | ---- | M] () -- C:\jre-1_5_0_10-windows-i586-p.exe
[2001.05.24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2013.10.11 08:15:23 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\utorrent.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Rainlendar2" = C:\Program Files\Rainlendar2\Rainlendar2.exe -- [2012.07.02 09:11:14 | 002,498,048 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=20
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.03.31 08:24:44 | 000,000,512 | ---- | M] () MD5=E8A12B6746D78AA5659FE4B53F762C49 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2014.03.07 12:24:40 | 000,318,428 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\IObit\ASCDownloader\Downloader.log
[2014.01.30 09:11:47 | 000,000,598 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\IObit\ASCDownloader\Downloader_1.log
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 15:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 15:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.01.01 14:14:17 | 000,000,072 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Downloader\YouTube Downloader Help.url
[2011.01.01 14:14:17 | 000,001,720 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Downloader\YouTube Downloader.lnk
[2013.11.08 22:48:39 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{7259B677-D31A-4F8B-8889-0E400F51BB94}\ExtensionLoader.dll
[2013.07.25 04:43:28 | 000,065,344 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 04:43:12 | 000,073,024 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2009.06.02 01:16:58 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.12.14 09:57:34 | 000,483,328 | ---- | M] () -- \Program Files\YouTube Downloader\YouTubeDownloader.exe
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2012.08.08 17:32:40 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2009.03.23 12:30:28 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 19:19:00 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.18 14:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2014.02.12 18:50:06 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.09 14:59:07 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.12 21:23:34 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 18:45:10 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2014.02.12 21:25:21 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.26 15:28:17 | 002,659,328 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
[2014.02.26 15:46:14 | 000,009,216 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\bc1a3b2de28e513e09fe7322c122144f\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.09.04 11:29:09 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.26 15:16:35 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.04 11:29:07 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.26 15:16:18 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.26 15:16:54 | 000,011,120 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 04:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 14:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2004.08.18 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2004.08.18 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\dllcache\serial.sys
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:51394AA5
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1022,48 Mb Total Physical Memory | 317,20 Mb Available Physical Memory | 31,02% Memory free
2,40 Gb Paging File | 1,72 Gb Available in Paging File | 71,78% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 186,31 Gb Total Space | 88,14 Gb Free Space | 47,31% Space Free | Partition Type: NTFS
Computer Name: AKADEMIC-4B9E5F | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.03.31 08:20:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
PRC - [2014.03.30 19:42:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014.03.19 22:17:52 | 004,971,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.02.23 22:22:30 | 003,782,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2013.12.05 13:48:12 | 000,680,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgemcx.exe
PRC - [2013.11.25 23:03:56 | 000,591,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2013.11.25 23:00:24 | 000,892,944 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2013.11.13 23:03:10 | 000,729,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2013.09.24 02:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2012.07.02 09:11:14 | 002,498,048 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.01.02 17:41:22 | 000,045,056 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
========== Modules (No Company Name) ==========
MOD - [2014.03.30 19:42:19 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014.02.25 11:49:37 | 016,265,096 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll
MOD - [2014.02.12 21:24:01 | 011,906,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\f0b0625c2db624ba9c97ad1b12490d79\System.Web.ni.dll
MOD - [2014.02.12 21:22:01 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b6e70acd99dc22e29b7fc8f9ac340c4\System.Configuration.ni.dll
MOD - [2014.02.12 18:50:17 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2014.02.12 18:50:09 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014.02.12 18:40:18 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7faf645dc46781225cb722edf9e1e738\System.Xml.ni.dll
MOD - [2014.02.12 18:40:11 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014.02.12 18:39:52 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014.02.12 18:33:45 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014.02.12 18:33:17 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2012.07.02 09:11:30 | 000,198,144 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
MOD - [2012.07.02 09:11:14 | 002,498,048 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
MOD - [2012.06.17 15:22:08 | 000,012,800 | ---- | M] () -- C:\Program Files\Rainlendar2\lfs.dll
MOD - [2012.05.16 21:01:30 | 000,140,800 | ---- | M] () -- C:\Program Files\Rainlendar2\lua52.dll
MOD - [2010.12.12 12:58:14 | 000,502,784 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_xrc_vc_rny.dll
MOD - [2010.12.12 12:58:00 | 000,131,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_xml_vc_rny.dll
MOD - [2010.12.12 12:57:56 | 000,485,376 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_html_vc_rny.dll
MOD - [2010.12.12 12:57:44 | 000,707,584 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_adv_vc_rny.dll
MOD - [2010.12.12 12:57:36 | 002,633,216 | ---- | M] () -- C:\Program Files\Rainlendar2\wxmsw28u_core_vc_rny.dll
MOD - [2010.12.12 12:56:46 | 001,205,760 | ---- | M] () -- C:\Program Files\Rainlendar2\wxbase28u_vc_rny.dll
MOD - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
========== Services (SafeList) ==========
SRV - [2014.03.30 19:42:20 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.02.25 11:49:39 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.02.23 22:22:30 | 003,782,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.24 02:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2009.02.10 18:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - [2014.03.03 08:55:50 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014.02.19 09:05:20 | 005,630,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2014.02.19 09:05:19 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2014.02.19 09:05:18 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2014.01.19 22:46:54 | 000,022,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2014.01.10 10:39:05 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2014.01.10 10:38:13 | 000,013,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2014.01.10 10:36:32 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2013.11.25 22:56:22 | 000,210,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.11.25 22:56:22 | 000,149,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.11.25 22:49:18 | 000,120,600 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2013.11.01 00:00:28 | 000,176,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013.10.31 23:30:08 | 000,222,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.10.01 01:49:38 | 000,102,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013.09.10 01:43:20 | 000,027,448 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.08.01 16:08:52 | 000,193,848 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.06.17 15:59:14 | 000,099,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2006.09.28 11:47:48 | 000,283,776 | ---- | M] (AfaTech ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AF15BDA.sys -- (AF15BDA)
DRV - [2006.08.16 08:25:30 | 000,016,899 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2006.08.03 00:07:50 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{0D0366FF-EB75-460C-86D5-23864494886A}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{0EE59C28-9895-425A-9A13-A0DE4AA2A736}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{84E2C1B1-5812-476C-B86A-390766081B32}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\SearchScopes\{F4CDEE68-BC8E-40EE-B3D4-7E7A7B6F6B27}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-1454471165-706699826-725345543-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Amazon "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =198484&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014.03.30 19:42:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.03.30 19:42:06 | 000,000,000 | ---D | M]
[2010.01.22 20:08:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Extensions
[2014.03.21 16:00:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\extensions
[2014.01.10 10:00:04 | 000,000,000 | ---D | M] (Start Page) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2014.03.07 12:40:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\z1eh0v4m.default\extensions
[2013.08.22 09:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profilesqb2igq9s.default\extensions
[2013.08.22 09:43:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profilesqb2igq9s.default\extensions\staged
[2014.01.07 08:21:43 | 000,002,048 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\searchplugins\mapycz.xml
[2014.02.25 12:10:08 | 000,008,061 | ---- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\aw97zbh5.default-1387454379203\searchplugins\yahoo_ff.xml
[2014.03.30 19:42:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2014.03.30 19:42:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.30 19:41:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.03.30 19:41:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.03.30 19:42:21 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\AW97ZBH5.DEFAULT-1387454379203\EXTENSIONS\{58D2A791-6199-482F-A9AA-9B725EC61362}
[2011.03.21 08:22:04 | 001,680,272 | ---- | M] (Caminova, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2012.08.14 12:43:37 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: VyhledávánĂ Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.3_0\
CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014.03.27 12:10:30 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - No CLSID value found.
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1454471165-706699826-725345543-500\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKU\S-1-5-21-1454471165-706699826-725345543-500..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1454471165-706699826-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 217
O7 - HKU\S-1-5-21-1454471165-706699826-725345543-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3943D08F-3712-4465-881C-98C6B78AAE86}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/ADMINI~1/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.04.28 19:45:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014.03.31 08:20:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2014.03.30 20:23:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2014.03.30 19:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014.03.28 21:49:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
[2014.03.27 09:07:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xp_eos.exe
[2014.03.27 09:07:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xp_eos.exe
[2014.03.22 13:56:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\vzpomínky 1
[2014.03.15 21:30:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Plocha\maminka s Ferdou
[2014.03.13 11:25:43 | 000,000,000 | ---D | C] -- C:\rsit
[2014.03.13 10:35:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2014.03.11 10:56:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2014.03.11 10:55:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\MyPhoneExplorer
[2014.03.11 10:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\MyPhoneExplorer
[2014.03.09 18:23:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Dokumenty\Landi11
[2014.03.09 14:45:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Landi
[2014.03.09 14:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\landi 11
[2014.03.09 14:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Landi11-original
[2014.03.09 09:23:04 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.03.07 14:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2014.03.07 14:45:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.03.07 09:33:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.03.07 09:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.03.07 08:05:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2014.03.07 08:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.03.06 10:19:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\tasks\ImCleanDisabled
[2009.03.07 15:13:38 | 001,914,000 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files\install_flash_player_10_active_x.exe
[2008.10.13 22:04:09 | 067,167,528 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunes801Setup.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014.03.31 08:24:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.03.31 08:20:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Plocha\OTL.exe
[2014.03.31 08:15:52 | 000,005,856 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
[2014.03.31 08:04:43 | 000,494,318 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.03.31 08:04:43 | 000,489,094 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.03.31 08:04:43 | 000,098,466 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.03.31 08:04:43 | 000,084,670 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.03.31 08:02:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.03.31 08:02:17 | 000,000,238 | ---- | M] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.31 08:00:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.31 08:00:04 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2014.03.30 18:47:54 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.27 12:10:30 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2014.03.27 09:45:50 | 003,945,472 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RogueKiller.exe
[2014.03.23 22:14:48 | 001,508,772 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\skříně.JPG
[2014.03.22 14:37:56 | 000,530,708 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110649.JPG
[2014.03.22 14:37:16 | 000,501,220 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110646.JPG
[2014.03.22 14:36:34 | 000,515,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110643.JPG
[2014.03.22 14:33:18 | 000,523,223 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110637.JPG
[2014.03.22 14:32:20 | 000,516,210 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110635.JPG
[2014.03.22 14:07:33 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110598.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110595.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110594.lnk
[2014.03.22 14:05:34 | 000,499,327 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110618.JPG
[2014.03.22 14:03:46 | 000,512,926 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110616.JPG
[2014.03.22 13:49:50 | 000,508,913 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110609.JPG
[2014.03.22 13:38:38 | 000,551,873 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\P1110599.JPG
[2014.03.20 13:25:09 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2014.03.14 09:53:37 | 001,432,944 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.03.13 09:57:54 | 000,000,402 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140313_085737.reg
[2014.03.11 10:55:43 | 000,001,751 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2014.03.09 14:45:02 | 002,691,072 | ---- | M] ( ) -- C:\WINDOWS\ulandi.exe
[2014.03.09 14:45:02 | 000,001,564 | ---- | M] () -- C:\Documents and Settings\Administrator\Plocha\Landi 11.lnk
[2014.03.09 14:28:06 | 000,487,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Setup1.exe
[2014.03.09 14:28:06 | 000,001,783 | ---- | M] () -- C:\WINDOWS\ST6UNST.000
[2014.03.09 14:28:05 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ST6UNST.EXE
[2014.03.09 09:22:39 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.03.09 09:20:47 | 000,054,544 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_082044.reg
[2014.03.09 09:06:06 | 000,003,402 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080603.reg
[2014.03.09 09:01:49 | 000,036,154 | ---- | M] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080132.reg
[2014.03.07 07:48:21 | 000,000,080 | ---- | M] () -- C:\Documents and Settings\Administrator\rgmnr
[2014.03.03 08:57:36 | 000,000,000 | ---- | M] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2014.03.03 08:55:50 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014.03.31 08:24:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.03.28 21:42:02 | 000,000,238 | ---- | C] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.28 21:42:02 | 000,000,232 | ---- | C] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.27 09:45:49 | 003,945,472 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RogueKiller.exe
[2014.03.23 22:46:43 | 001,508,772 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\skříně.JPG
[2014.03.22 14:07:33 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110598.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110595.lnk
[2014.03.22 14:07:33 | 000,000,493 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110594.lnk
[2014.03.22 14:06:42 | 000,499,327 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110618.JPG
[2014.03.22 14:06:21 | 000,512,926 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110616.JPG
[2014.03.22 14:05:48 | 000,508,913 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110609.JPG
[2014.03.22 14:04:56 | 000,551,873 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110599.JPG
[2014.03.22 14:01:33 | 000,523,223 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110637.JPG
[2014.03.22 13:56:39 | 000,530,708 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110649.JPG
[2014.03.22 13:56:39 | 000,516,210 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110635.JPG
[2014.03.22 13:56:39 | 000,515,873 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110643.JPG
[2014.03.22 13:56:39 | 000,501,220 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\P1110646.JPG
[2014.03.20 13:24:46 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\RSIT.exe
[2014.03.13 09:57:39 | 000,000,402 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140313_085737.reg
[2014.03.11 10:55:43 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MyPhoneExplorer.lnk
[2014.03.09 14:45:02 | 002,691,072 | ---- | C] ( ) -- C:\WINDOWS\ulandi.exe
[2014.03.09 14:45:02 | 000,001,564 | ---- | C] () -- C:\Documents and Settings\Administrator\Plocha\Landi 11.lnk
[2014.03.09 14:28:04 | 004,879,917 | ---- | C] () -- C:\WINDOWS\VBR6.CAB
[2014.03.09 14:28:04 | 000,001,783 | ---- | C] () -- C:\WINDOWS\ST6UNST.000
[2014.03.09 09:20:45 | 000,054,544 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_082044.reg
[2014.03.09 09:06:05 | 000,003,402 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080603.reg
[2014.03.09 09:04:42 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.03.09 09:01:40 | 000,036,154 | ---- | C] () -- C:\Documents and Settings\Administrator\Dokumenty\cc_20140309_080132.reg
[2014.03.03 08:57:36 | 000,000,000 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml
[2014.02.24 22:56:14 | 001,950,097 | ---- | C] () -- C:\Documents and Settings\Administrator\scrypt130511GeForce 210glg2tc960w256l4.bin
[2014.02.23 13:02:21 | 000,000,080 | ---- | C] () -- C:\Documents and Settings\Administrator\rgmnr
[2014.01.28 10:53:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\swsys.dmp
[2014.01.28 10:39:44 | 000,010,498 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\lpm.dat
[2014.01.10 10:36:58 | 000,026,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2014.01.10 09:51:34 | 000,079,486 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2013.12.19 15:57:32 | 000,000,048 | ---- | C] () -- C:\WINDOWS\System32\09wutili.sys
[2013.12.18 21:04:59 | 001,127,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.12.18 21:04:58 | 001,127,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.12.18 21:04:58 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.12.18 20:54:49 | 003,556,824 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.12.18 20:25:17 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.09.07 19:16:50 | 000,202,002 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1454471165-706699826-725345543-500-0.dat
[2013.09.04 13:34:09 | 000,202,002 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.08.03 11:41:35 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2013.08.03 11:41:35 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2013.03.16 11:13:41 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini
[2013.01.26 10:47:53 | 000,000,324 | ---- | C] () -- C:\WINDOWS\game.ini
[2012.11.22 16:17:47 | 019,296,256 | ---- | C] () -- C:\Documents and Settings\Administrator\NTUSER.rhk
[2012.05.22 10:25:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.07.19 14:14:52 | 000,000,001 | R--- | C] () -- C:\Documents and Settings\Administrator\serverport
[2011.06.25 20:48:15 | 000,008,807 | ---- | C] () -- C:\Documents and Settings\Administrator\PlochaIMG_25062011_204815.png
[2011.02.24 13:04:44 | 020,364,702 | ---- | C] () -- C:\Program Files\vlc-1.1.7-win32.exe
[2011.01.26 18:16:41 | 000,000,302 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DelUnist.bat
[2009.03.07 15:15:18 | 004,566,456 | ---- | C] () -- C:\Program Files\Shockwave_Installer_Slim1103472.exe
[2008.04.28 22:45:26 | 000,188,416 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.28 22:21:42 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2008.04.28 21:02:04 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
========== ZeroAccess Check ==========
[2008.04.28 19:54:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.10.15 09:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2011.08.30 17:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ASUS
[2013.10.07 10:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2013.10.02 10:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG2014
[2013.10.10 14:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
[2013.10.29 07:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent Sync
[2011.10.18 00:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.12.15 15:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2012.06.21 13:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon Easy-WebPrint EX
[2011.02.19 11:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CloneSpy
[2012.01.09 10:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
[2013.04.19 16:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.06.19 08:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\go
[2013.04.19 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MiTeC
[2014.03.18 09:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2012.05.26 12:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Oracle
[2009.10.09 13:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2012.11.04 11:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2010.10.15 09:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\UDC Profiles
[2014.01.10 15:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Unity
[2013.10.29 13:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2011.11.27 19:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\XnView
[2011.11.27 21:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\xrecode2
[2013.09.04 11:34:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\1st EasySoft
[2013.10.07 10:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.02.26 12:04:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2012.05.22 18:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2012.06.21 13:41:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.09.20 18:58:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2012.06.29 21:14:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJEGV
[2013.09.20 18:48:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2014.01.29 21:57:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2012.06.29 21:10:20 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2013.09.20 18:54:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenu
[2011.03.15 08:56:13 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.06.19 08:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2014.01.30 18:02:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2014.03.27 23:15:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Landi11-original
[2014.03.30 18:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2009.07.13 23:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Musicnotes
[2014.03.04 10:06:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ProductData
[2014.01.30 18:02:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Razer
[2014.03.07 16:05:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\SAM
[2008.04.28 22:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2012.11.19 22:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.17 20:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2014.02.26 12:42:27 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.01.10 09:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.07.18 08:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
[2013.10.07 12:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013.10.07 12:00:33 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2012.11.08 19:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2013.10.15 17:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2013.04.19 16:12:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Foxit Software
[2012.11.08 19:43:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\UpdatusUser\Data aplikací\TuneUp Software
========== Purity Check ==========
========== Custom Scans ==========
< >
[2008.04.28 19:43:34 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008.04.28 19:49:39 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2014.03.09 09:04:42 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2014.03.28 21:42:02 | 000,000,232 | ---- | C] () -- C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.28 21:42:02 | 000,000,238 | ---- | C] () -- C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
< >
< MD5 for: AGP440.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.18 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe
[2004.08.18 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.18 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.18 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 15:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 15:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 14:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.18 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys
< MD5 for: ISAPNP.SYS >
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.09.22 22:40:42 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.18 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.18 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.18 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.18 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.18 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 18:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: VIAMRAID.SYS >
[2006.11.08 15:25:24 | 000,116,688 | R--- | M] (VIA Technologies inc,.ltd) MD5=68B41DFA083C2734340BA254532700F3 -- C:\Program Files\VIA\Setup\VIARaid\DRIVER\Raid\winnt40\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\Program Files\VIA\Setup\VIARaid\DRIVER\Raid\winxp\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\WINDOWS\system32\DRVSTORE\viamraid_0B7BD2CE86023D524D8509B41571686ECF13C39F\viamraid.sys
[2006.11.08 15:23:52 | 000,102,912 | R--- | M] (VIA Technologies inc,.ltd) MD5=7DC3E1DC6E4F8BE381C31BFEA578412A -- C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\viamraid.sys
[2014.01.10 10:38:41 | 000,116,608 | ---- | M] (VIA Technologies inc,.ltd) MD5=FB76853B1365C2B6687A132C2B4DEE18 -- C:\WINDOWS\system32\drivers\viamraid.sys
< MD5 for: WINLOGON.EXE >
[2004.08.18 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.18 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
[2013.10.11 08:21:30 | 001,538,920 | ---- | M] (BitTorrent, Inc.) -- C:\BTSync.exe
[2013.08.22 09:43:18 | 000,073,728 | ---- | M] (Creative Technology Ltd.) -- C:\CtDrvIns.exe
[2013.08.22 09:42:58 | 001,310,920 | ---- | M] () -- C:\DriverGuide_Driver_Download_188702.exe
[2007.11.04 12:12:06 | 016,590,480 | ---- | M] () -- C:\jre-1_5_0_10-windows-i586-p.exe
[2001.05.24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2013.10.11 08:15:23 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\utorrent.exe
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.05.31 11:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Adobe
[2008.05.09 15:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AdobeUM
[2008.05.03 15:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Ahead
[2010.10.15 09:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Any Video Converter
[2009.12.12 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
[2008.08.02 21:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
[2011.08.30 17:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ASUS
[2008.04.28 20:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\ATI
[2013.10.07 10:28:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG
[2013.10.02 10:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\AVG2014
[2013.10.10 14:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent
[2013.10.29 07:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent Sync
[2011.10.18 00:48:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\calibre
[2012.12.15 15:05:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon
[2012.06.21 13:45:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Canon Easy-WebPrint EX
[2011.02.19 11:30:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CloneSpy
[2008.04.28 20:41:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\CyberLink
[2014.01.28 10:42:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\DivX
[2012.01.09 10:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox
[2011.11.30 13:58:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\dvdcss
[2012.07.12 22:00:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\FastStone
[2013.04.19 16:12:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Foxit Software
[2011.06.19 08:28:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\go
[2013.02.09 08:30:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Google
[2011.02.03 09:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Help
[2008.04.28 19:50:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Identities
[2009.09.05 18:39:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
[2014.03.07 08:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
[2014.01.07 07:18:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
[2013.05.13 09:59:02 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
[2008.04.28 21:56:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft Web Folders
[2013.04.19 16:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MiTeC
[2010.01.22 20:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
[2014.03.18 09:32:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\MyPhoneExplorer
[2009.11.13 18:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Nero
[2014.02.24 22:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\NVIDIA
[2012.05.26 12:05:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Oracle
[2012.11.19 18:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Real
[2009.07.13 23:10:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sibelius Software
[2014.02.19 08:42:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Skype
[2014.01.07 07:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\skypePM
[2009.10.09 13:29:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Stellarium
[2008.04.28 22:13:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Sun
[2008.08.17 11:22:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Talkback
[2012.11.04 11:21:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
[2009.04.05 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\U3
[2010.10.15 09:38:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\UDC Profiles
[2014.01.10 15:48:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\Unity
[2013.10.29 13:59:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
[2014.03.13 11:03:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\vlc
[2010.06.17 20:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
[2011.11.27 19:07:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\XnView
[2011.11.27 21:41:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\xrecode2
< %APPDATA%\*.exe /s >
[2013.10.10 13:33:18 | 001,125,464 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\BitTorrent\updates\7.8.1_29939.exe
[2011.12.05 21:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Dropbox.exe
[2011.12.05 21:18:12 | 000,174,752 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\Dropbox\bin\Uninstall.exe
[2008.04.28 19:56:43 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Administrator\Data aplikací\Microsoft\Installer\{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}\ARPPRODUCTICON.exe
[2014.01.10 15:42:53 | 000,915,368 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Administrator\Data aplikací\Sun\Java\JRERunOnce.exe
[2013.10.11 08:17:24 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\Administrator\Data aplikací\uTorrent\uTorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2003.01.01 01:21:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2003.01.01 01:21:05 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2003.01.01 01:21:05 | 000,499,712 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2014.03.31 08:15:52 | 000,005,856 | ---- | M] () -- C:\WINDOWS\system32\nvAppTimestamps
[2014.03.31 08:04:43 | 000,098,466 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2014.03.31 08:04:43 | 000,084,670 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2014.03.31 08:04:43 | 000,489,094 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2014.03.31 08:04:43 | 000,494,318 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2014.03.31 08:04:43 | 001,184,706 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2014.03.31 08:02:20 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
< %SYSTEMDRIVE%\*.exe >
[2013.10.11 08:21:30 | 001,538,920 | ---- | M] (BitTorrent, Inc.) -- C:\BTSync.exe
[2013.08.22 09:43:18 | 000,073,728 | ---- | M] (Creative Technology Ltd.) -- C:\CtDrvIns.exe
[2013.08.22 09:42:58 | 001,310,920 | ---- | M] () -- C:\DriverGuide_Driver_Download_188702.exe
[2007.11.04 12:12:06 | 016,590,480 | ---- | M] () -- C:\jre-1_5_0_10-windows-i586-p.exe
[2001.05.24 13:59:30 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
[2013.10.11 08:15:23 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\utorrent.exe
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Rainlendar2" = C:\Program Files\Rainlendar2\Rainlendar2.exe -- [2012.07.02 09:11:14 | 002,498,048 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=20
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptOut
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.03.31 08:24:44 | 000,000,512 | ---- | M] () MD5=E8A12B6746D78AA5659FE4B53F762C49 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2014.03.07 12:24:40 | 000,318,428 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\IObit\ASCDownloader\Downloader.log
[2014.01.30 09:11:47 | 000,000,598 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\IObit\ASCDownloader\Downloader_1.log
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 15:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 15:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.01.01 14:14:17 | 000,000,072 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Downloader\YouTube Downloader Help.url
[2011.01.01 14:14:17 | 000,001,720 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Downloader\YouTube Downloader.lnk
[2013.11.08 22:48:39 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{7259B677-D31A-4F8B-8889-0E400F51BB94}\ExtensionLoader.dll
[2013.07.25 04:43:28 | 000,065,344 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.07.25 04:43:12 | 000,073,024 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2009.06.02 01:16:58 | 000,114,688 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.12.14 09:57:34 | 000,483,328 | ---- | M] () -- \Program Files\YouTube Downloader\YouTubeDownloader.exe
[2004.08.18 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2012.08.08 17:32:40 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2009.03.23 12:30:28 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.13 19:19:00 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.18 14:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2014.02.12 18:50:06 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.09 14:59:07 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.12 21:23:34 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 18:45:10 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2014.02.12 21:25:21 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.26 15:28:17 | 002,659,328 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\be0a1bb51a0d8fb41140c8111ed56d19\System.Runtime.Serialization.ni.dll
[2014.02.26 15:46:14 | 000,009,216 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\bc1a3b2de28e513e09fe7322c122144f\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.09.04 11:29:09 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.26 15:16:35 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.04 11:29:07 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.26 15:16:18 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.26 15:16:54 | 000,011,120 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 17:48:20 | 000,011,120 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 04:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 14:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2004.08.18 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2004.08.18 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\dllcache\serial.sys
[2004.08.18 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 150 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:51394AA5
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
< End of report >
Napiste mi velikost tohoto adresare C:\Documents and Settings\Administrator\Plocha
Vypnete antivir, at nebrani programu v praci.
