Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zasekaný PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#16 Příspěvek od maclo »

Druhý log:



Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by Ondra on po 29.09.2014 at 20:30:37,70.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Ondra\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29.9.2014 20:35:09 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{45277F9D-8C9C-4726-A558-D69AC740910E} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{da4f7847-ca44-41d2-9254-0c50b48395e3} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{564f4804-4ada-4718-a0bb-7e79098637e2} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{f4768b15-6460-430a-9eee-734251e5b1f8} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{c65e1943-4c25-4838-9592-2a0bb6ec303e} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{b61431dc-51dd-4f97-86d2-50eea4a09ca5} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{0c900c0e-7d5d-4227-8d38-90eb3301ad02} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{baa7bd37-9f81-40e5-94c5-6936e7ba331b} deleted successfully
HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@bettersurfplusv1.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@WebexpEnhancedV1alpha126.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@VideoPlayerV3beta10800.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaViewerV1alpha1159.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaViewV1alpha959.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaViewV1alpha5056.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaWatchV1home490.net deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater3.2.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater3.2.0 deleted successfully

==== Deleting Files \ Folders ======================

C:\DOCUME~1\ALLUSE~1\DATAAP~1\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\Program Files\HellSpy Klient deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Cloud Software LTD deleted
C:\Program Files\ComPlus Applications deleted
C:\extensions.sqlite deleted
C:\extensions.ini deleted
C:\prefs.js deleted
C:\user.js deleted
C:\SUPPORT deleted
C:\Documents and Settings\LocalService\Data aplikací\Hotspot Shield deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Avg_Update_0814tb deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\InstallMate deleted
C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\BS_Player deleted
C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\NCH_EN\toolbar.cfg deleted
C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\NCH_EN\tbNCH_.dll deleted
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\adawarebp deleted
C:\WINDOWS\System32\searchplugins deleted
C:\WINDOWS\System32\Extensions deleted
"C:\Documents and Settings\Ondra\Data aplikací\Yandex\r1-barff" deleted
"C:\Documents and Settings\Ondra\Data aplikací\Yandex\ui" deleted
"C:\Documents and Settings\Ondra\Data aplikací\Yandex" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [28.12.2011 22:11]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ajadlheagenmmedmhaoafgkdenfilcme - C:\Program Files\BetterSurf\BetterSurfPlusV1\ch\BetterSurfPlusV1.crx[]
dboidogabehdbakgnhgfdfbjlhojfjaa - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta10800\ch\VideoPlayerV3beta10800.crx[]
foocfmdgmcjnnfhieeofgkcmcpcgjmca - C:\Program Files\MediaViewV1\MediaViewV1alpha959\ch\MediaViewV1alpha959.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[16.08.2011 07:20]
lopocmlbmfimjjgggpfppbpmmkpepdeb - C:\Program Files\MediaViewV1\MediaViewV1alpha5056\ch\MediaViewV1alpha5056.crx[]
maadkgphlnognbonbbbpkefemeeledhj - C:\Program Files\MediaViewerV1\MediaViewerV1alpha1159\ch\MediaViewerV1alpha1159.crx[]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12.12.2011 15:13]
oeblbdimkbapfcnelaknlejinfhjbnlk - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha126\ch\WebexpEnhancedV1alpha126.crx[]
ohkfcnlkdgejpcgaejdohbcchilbcfgn - C:\Program Files\MediaWatchV1\MediaWatchV1home490\ch\MediaWatchV1home490.crx[]


==== Chromium Startpages ======================

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Bromium\User Data\Default\Preferences
{"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?clid=1200402","se ... on_startup":["http://www.yandex.ru/?clid=1200402"]},"browser":{"show_home_button":true}}

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Preferences
{"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?clid=1200402","se ... on_startup":["http://www.yandex.ru/?clid=1200402"]},"browser":{"show_home_button":true}}

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Nichrome\User Data\Default\Preferences
{"ntp":{"shown_sections":64,"shown_page":1024},"sync_promo":{"user_skipped":true},"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?clid=1200402","se ... on_startup":["http://www.yandex.ru/?clid=1200402"]},"browser":{"show_home_button":true}}

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Yandex\Internet\User Data\Default\Preferences
{"homepage_is_newtabpage":false,"homepage":"http://www.yandex.ru/?clid=1200402","se ... on_startup":["http://www.yandex.ru/?clid=1200402"]},"browser":{"show_home_button":true}}


==== Chromium Fix ======================

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage deleted successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsdepot.com_0.localstorage deleted successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.browsetosave.info_0.localstorage deleted successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.gradesaver.com_0.localstorage deleted successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_isearch.avg.com_0.localstorage deleted successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_micro-machines.en.softonic.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Bromium\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Chromium\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Nichrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Xpom\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Yandex\Internet\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Chromium\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Nichrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Xpom\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ajadlheagenmmedmhaoafgkdenfilcme deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dboidogabehdbakgnhgfdfbjlhojfjaa deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\foocfmdgmcjnnfhieeofgkcmcpcgjmca deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lopocmlbmfimjjgggpfppbpmmkpepdeb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\maadkgphlnognbonbbbpkefemeeledhj deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oeblbdimkbapfcnelaknlejinfhjbnlk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ohkfcnlkdgejpcgaejdohbcchilbcfgn deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1213 folders=67 165718879 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\fbwuser\Local Settings\temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\Ondra\Local Settings\temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Ondra\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\Ondra\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on po 29.09.2014 at 21:02:08,15 ======================
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zasekaný PC

#17 Příspěvek od Márty84 »

Dejte novy log z RSIT
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#18 Příspěvek od maclo »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondra at 2014-09-30 11:45:36
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (10%) free of 50 GB
Total RAM: 1916 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:45:51, on 30.9.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21376)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
c:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Ondra\Dokumenty\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Ondra.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Konfigurační služba Atheros (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe

--
End of file - 11255 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-21 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-08-16 3942048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-21 171424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1024000]
"TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2008-07-30 266240]
"NDSTray.exe"=NDSTray.exe []
"SmoothView"=C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe [2007-05-11 143360]
"DDWMon"=C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [2007-04-26 495616]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-07-03 150040]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-07-03 170520]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-07-03 141848]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-07 16860672]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"ACU"=C:\Program Files\Atheros\ACU.exe [2008-04-14 450648]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-25 5188112]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-10-25 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-12 65536]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-05-21 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"vidc.dvsd"=pdvcodec.dll

======List of files/folders created in the last 1 month======

2014-09-29 21:07:36 ----SHD---- C:\RECYCLER
2014-09-29 20:46:03 ----D---- C:\WINDOWS\Temp
2014-09-29 20:46:03 ----A---- C:\WINDOWS\zoek-delete.exe
2014-09-29 20:30:26 ----D---- C:\zoek_backup
2014-09-29 20:24:46 ----D---- C:\WINDOWS\ERUNT
2014-09-22 20:53:53 ----D---- C:\Program Files\7-Zip
2014-09-20 20:58:59 ----A---- C:\ComboFix.txt
2014-09-20 20:51:57 ----A---- C:\Boot.bak
2014-09-20 20:51:53 ----RASHD---- C:\cmdcons
2014-09-20 20:49:47 ----A---- C:\WINDOWS\zip.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\SWSC.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\SWREG.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\sed.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\PEV.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\NIRCMD.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\MBR.exe
2014-09-20 20:49:47 ----A---- C:\WINDOWS\grep.exe
2014-09-20 20:45:12 ----D---- C:\Qoobox
2014-09-20 20:44:59 ----D---- C:\WINDOWS\erdnt
2014-09-19 16:46:58 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2014-09-19 16:36:23 ----D---- C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
2014-09-19 16:35:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-09-14 23:40:46 ----A---- C:\WINDOWS\system32\sqlite3.dll
2014-09-14 23:39:37 ----D---- C:\AdwCleaner
2014-09-11 22:06:28 ----D---- C:\Program Files\trend micro
2014-09-11 09:51:18 ----D---- C:\Documents and Settings\Ondra\Data aplikací\AVG Web TuneUp
2014-09-11 09:51:14 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys
2014-09-11 09:51:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
2014-09-11 09:51:07 ----D---- C:\Program Files\AVG Web TuneUp
2014-09-10 18:42:17 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2014-09-30 11:45:44 ----D---- C:\WINDOWS\Prefetch
2014-09-30 10:21:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-09-29 21:07:38 ----D---- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz
2014-09-29 21:02:37 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-29 21:01:51 ----D---- C:\WINDOWS
2014-09-29 20:58:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-09-29 20:44:27 ----AD---- C:\WINDOWS\system32
2014-09-29 20:44:26 ----RD---- C:\Program Files
2014-09-29 20:35:14 ----D---- C:\WINDOWS\system32\drivers\etc
2014-09-27 08:18:11 ----SHD---- C:\WINDOWS\Installer
2014-09-27 08:18:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-09-27 08:08:05 ----D---- C:\Program Files\Common Files
2014-09-20 20:58:22 ----SD---- C:\WINDOWS\Tasks
2014-09-20 20:57:37 ----A---- C:\WINDOWS\system.ini
2014-09-20 20:55:45 ----D---- C:\WINDOWS\system32\drivers
2014-09-20 20:55:45 ----D---- C:\WINDOWS\AppPatch
2014-09-20 20:51:57 ----RASH---- C:\boot.ini
2014-09-20 20:49:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2014-09-20 20:39:39 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-09-20 20:35:20 ----D---- C:\Program Files\GotClip
2014-09-19 15:22:07 ----D---- C:\WINDOWS\Minidump
2014-09-19 15:09:13 ----D---- C:\WINDOWS\Debug
2014-09-14 22:02:49 ----D---- C:\Program Files\Ad-Aware Antivirus
2014-09-11 08:38:13 ----D---- C:\WINDOWS\system32\MRT
2014-09-11 08:20:54 ----A---- C:\WINDOWS\system32\MRT.exe
2014-09-10 19:36:35 ----D---- C:\Documents and Settings\Ondra\Data aplikací\LavasoftStatistics
2014-09-10 19:04:26 ----D---- C:\Program Files\Google
2014-09-05 17:56:05 ----HD---- C:\WINDOWS\inf
2014-09-02 06:50:28 ----D---- C:\Program Files\AVG

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-08-06 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 gfibto;gfibto; C:\WINDOWS\system32\drivers\gfibto.sys [2013-07-24 13560]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2008-04-15 312344]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-07-21 191256]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R2 tdudf;TOSHIBA UDF File System Driver; C:\WINDOWS\system32\DRIVERS\tdudf.sys [2007-03-26 105856]
R2 trudf;TOSHIBA DVD-RAM UDF File System Driver; C:\WINDOWS\system32\DRIVERS\trudf.sys [2007-02-19 134016]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 AR5416;Qualcomm Atheros Wireless Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2013-11-27 2158848]
R3 FwLnk;FwLnk Driver; C:\WINDOWS\system32\DRIVERS\FwLnk.sys [2007-04-04 5888]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-05-21 6018464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-09 4703744]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-12-06 220032]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Chicony USB 2.0 Camera; C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
R3 UVCFTR;UVCFTR; C:\WINDOWS\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2008-02-08 57408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\Ondra\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2008-06-13 110080]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RTS5121.sys [2008-05-22 154624]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACS;Konfigurační služba Atheros; C:\WINDOWS\system32\acs.exe [2008-04-14 467028]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-25 3242000]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-25 289328]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-05-21 181664]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-10-25 793048]
R2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [2008-04-14 34304]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\WINDOWS\system32\TODDSrv.exe [2007-11-21 129632]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-10 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-08-19 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-10 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zasekaný PC

#19 Příspěvek od Márty84 »

Jeste jeden sken a budeme mazat.


:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#20 Příspěvek od maclo »

OTL logfile created on: 2.10.2014 8:43:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ondra\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 52,27% Memory free
3,72 Gb Paging File | 2,18 Gb Available in Paging File | 58,59% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 4,81 Gb Free Space | 9,86% Space Free | Partition Type: NTFS

Computer Name: ONDRA-NB | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.01 08:53:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
PRC - [2014.09.23 06:07:06 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.25 11:40:08 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014.08.25 11:39:18 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014.08.25 11:39:12 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.25 11:37:18 | 005,188,112 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2013.05.21 16:57:27 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.03.12 07:32:58 | 000,506,744 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011.10.25 14:44:42 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2008.07.30 13:29:48 | 000,040,960 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2008.05.08 10:11:58 | 004,787,712 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.04.29 10:33:28 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008.04.14 16:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 02:11:12 | 000,450,648 | ---- | M] (Atheros Communications, Inc.) -- C:\Program Files\Atheros\ACU.exe
PRC - [2008.04.14 02:10:52 | 000,467,028 | ---- | M] (Atheros) -- C:\WINDOWS\system32\acs.exe
PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TODDSrv.exe
PRC - [2007.07.10 09:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2007.05.11 12:38:36 | 000,143,360 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2007.05.11 03:06:00 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007.04.26 11:49:34 | 000,495,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\DDWMon.exe
PRC - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2006.03.16 13:58:00 | 000,974,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005.04.12 10:31:40 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2005.01.17 16:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe


========== Modules (No Company Name) ==========

MOD - [2014.09.23 06:07:05 | 000,331,592 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppgooglenaclpluginchrome.dll
MOD - [2014.09.23 06:07:04 | 014,891,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll
MOD - [2014.09.23 06:07:02 | 008,577,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll
MOD - [2014.09.23 06:06:55 | 001,660,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
MOD - [2014.02.15 09:24:09 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2014.02.15 09:19:07 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1cdfe1998ad6794db3237006906c6fa2\System.Windows.Forms.ni.dll
MOD - [2014.02.15 09:18:50 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\424bff3295c6e7539cc6df62b9425bd0\System.Drawing.ni.dll
MOD - [2014.02.15 09:15:41 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4b0455ae94e3cecca4bb3ba8c96828c9\System.ni.dll
MOD - [2014.02.15 09:15:24 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\dae02331a443fb52216ca83292cb2f21\mscorlib.ni.dll
MOD - [2014.02.10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014.02.10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2013.07.10 18:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2008.08.19 13:35:26 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008.08.19 13:35:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.05.08 10:11:58 | 004,787,712 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
MOD - [2008.04.14 14:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.01.25 17:10:16 | 000,098,304 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EScript.CZE
MOD - [2007.07.11 05:12:46 | 003,010,560 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\RdLang32.CZE
MOD - [2007.07.11 04:57:22 | 000,049,152 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\WebLink.CZE
MOD - [2007.07.11 04:54:50 | 000,036,864 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Spelling.CZE
MOD - [2007.07.11 04:54:16 | 000,032,768 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SendMail.CZE
MOD - [2007.07.11 04:53:22 | 000,053,248 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search.CZE
MOD - [2007.07.11 04:51:16 | 000,019,968 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\SaveAsRTF.CZE
MOD - [2007.07.11 04:50:22 | 000,012,800 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ReadOutLoud.CZE
MOD - [2007.07.11 04:48:56 | 000,933,888 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\PPKLite.CZE
MOD - [2007.07.11 04:47:02 | 000,155,648 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia.CZE
MOD - [2007.07.11 04:46:24 | 000,073,728 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\makeaccessible.CZE
MOD - [2007.07.11 04:43:08 | 000,006,144 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\EWH32.CZE
MOD - [2007.07.11 04:39:58 | 000,204,800 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\DigSig.CZE
MOD - [2007.07.11 04:38:58 | 000,184,320 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Checkers.CZE
MOD - [2007.07.11 04:37:24 | 001,196,032 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annots.CZE
MOD - [2007.07.11 04:35:06 | 000,782,336 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Acroform.CZE
MOD - [2007.07.11 04:34:14 | 000,077,824 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\accessibility.CZE
MOD - [2007.01.13 12:01:28 | 000,475,136 | R--- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\ccme_base.dll
MOD - [2007.01.13 12:01:28 | 000,397,312 | R--- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\cryptocme2.dll
MOD - [2006.12.14 10:32:46 | 000,005,120 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\updater.CZE
MOD - [2006.12.14 10:25:58 | 000,011,776 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Search5.CZE
MOD - [2006.12.14 10:22:00 | 000,008,192 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\reflow.CZE
MOD - [2006.12.14 10:09:48 | 000,010,752 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\pddom.CZE
MOD - [2006.12.14 09:56:08 | 000,013,312 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\HLS.CZE
MOD - [2006.12.14 09:49:06 | 000,028,672 | ---- | M] () -- c:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\eBook.CZE


========== Services (SafeList) ==========

SRV - [2014.08.25 11:42:20 | 003,242,000 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.25 11:38:58 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.08.19 18:54:36 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.21 16:57:27 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.10.25 14:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2008.04.14 16:43:38 | 000,034,304 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2008.04.14 02:10:52 | 000,467,028 | ---- | M] (Atheros) [Auto | Running] -- C:\WINDOWS\system32\acs.exe -- (ACS)
SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005.01.17 16:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\taphss.sys -- (taphss)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Ondra\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2014.09.19 16:46:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014.09.11 09:51:03 | 000,042,784 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2014.08.06 10:49:48 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2014.07.21 21:03:50 | 000,191,256 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverlx.sys -- (AVGIDSDriverl)
DRV - [2014.06.30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014.06.17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014.06.17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014.06.17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014.06.17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014.06.17 16:06:22 | 000,027,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2014.06.17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.11.27 11:00:00 | 002,158,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2013.07.24 12:52:17 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gfibto.sys -- (gfibto)
DRV - [2009.12.15 14:05:42 | 000,102,528 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,024,448 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.09.15 11:51:04 | 000,019,200 | ---- | M] (Telefónica I+D) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tidnet.sys -- (tidnet)
DRV - [2008.06.13 14:26:04 | 000,110,080 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008.05.22 16:53:58 | 000,154,624 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008.04.14 14:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 14:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.09 18:01:16 | 004,703,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.02.08 09:46:36 | 000,057,408 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2008.01.03 22:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.12.17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.04.04 08:56:48 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2007.03.26 12:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007.02.19 12:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2006.11.28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2003.01.29 14:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@kb-ext.cz/PKIComponent: C:\Documents and Settings\Ondra\Data aplikací\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.28 22:11:46 | 000,000,000 | ---D | M]

[2013.07.07 19:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ondra\Data aplikací\Mozilla\Extensions
[2013.02.10 13:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.08.30 17:51:21 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
CHR - Extension: No name found = C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.09.29 20:35:14 | 000,000,753 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [ACU] C:\Program Files\Atheros\ACU.exe (Atheros Communications, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\Nástroj TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-801234099-1104799117-73996938-1005..\Run: [cz.seznam.software.autoupdate] C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-801234099-1104799117-73996938-1005..\Run: [cz.seznam.software.szndesktop] C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-801234099-1104799117-73996938-1005..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FF9379C-4DEE-4A97-BE5D-46F6C302C4DA}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.08.19 13:08:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\pdvcodec.dll (Matsushita Electric Industrial Co., Ltd.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.10.01 08:53:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
[2014.09.29 21:07:36 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.09.29 20:46:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2014.09.29 20:30:26 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014.09.29 20:24:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.09.22 20:53:53 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014.09.22 20:53:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\7-Zip
[2014.09.20 20:51:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.09.20 20:49:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.09.20 20:49:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.09.20 20:49:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.09.20 20:49:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.09.20 20:45:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.09.20 20:45:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Ondra\Nabídka Start\Programy\Nástroje pro správu
[2014.09.20 20:44:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.09.19 16:46:58 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014.09.19 16:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
[2014.09.19 16:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.09.19 15:09:11 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ondra\Recent
[2014.09.14 23:40:46 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\WINDOWS\System32\sqlite3.dll
[2014.09.14 23:39:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.09.11 22:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.09.11 09:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\AVG Web TuneUp
[2014.09.11 09:51:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\AVG Web TuneUp
[2014.09.11 09:51:14 | 000,042,784 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014.09.11 09:51:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
[2014.09.11 09:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Web TuneUp
[2014.09.10 19:04:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2014.09.10 19:02:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\Deployment
[2014.09.10 18:42:17 | 000,000,000 | ---D | C] -- C:\rsit
[2014.09.08 21:48:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Dokumenty\Dějiny
[2014.09.07 10:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Dokumenty\Věčný pád Říma
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.10.02 08:47:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.01 08:53:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ondra\Plocha\OTL.exe
[2014.09.30 23:08:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.30 19:08:02 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.09.29 21:02:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.09.29 21:02:02 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.09.29 21:01:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.09.29 21:01:53 | 2009,063,424 | -HS- | M] () -- C:\hiberfil.sys
[2014.09.29 20:58:30 | 000,000,012 | ---- | M] () -- C:\WINDOWS\bthservsdp.dat
[2014.09.29 20:35:14 | 000,000,753 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.09.29 20:30:26 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2014.09.28 20:34:16 | 000,164,864 | ---- | M] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.09.25 21:33:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.09.25 09:15:53 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.09.20 20:51:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014.09.19 16:46:58 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014.09.11 19:31:53 | 000,012,400 | ---- | M] () -- C:\Documents and Settings\Ondra\Dokumenty\doc5.dotx
[2014.09.11 09:51:03 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2014.09.08 15:00:05 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.10.02 08:47:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.09.29 20:46:03 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2014.09.20 20:51:57 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2014.09.20 20:51:55 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2014.09.20 20:49:47 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.09.20 20:49:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.09.20 20:49:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.09.20 20:49:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.09.20 20:49:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014.09.10 19:04:54 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.09.10 19:03:14 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.09.10 19:03:13 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.31 22:53:21 | 000,000,820 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013.07.23 09:31:20 | 000,000,012 | ---- | C] () -- C:\WINDOWS\bthservsdp.dat
[2013.02.22 18:34:53 | 000,000,267 | ---- | C] () -- C:\Documents and Settings\Ondra\.mysticmine
[2012.11.19 10:12:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2011.08.01 21:26:47 | 000,164,864 | ---- | C] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.25 18:13:18 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Ondra\Local Settings\Data aplikací\fusioncache.dat

========== ZeroAccess Check ==========

[2008.08.19 13:12:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.06.21 20:18:03 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.07.26 02:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Data aplikací\toshiba
[2013.07.24 13:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus
[2014.08.28 08:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.09.11 09:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Web TuneUp
[2014.03.15 22:53:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2011.07.25 18:20:27 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.07.24 12:58:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2014.10.02 08:28:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.11.15 15:43:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Orange
[2011.12.28 22:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.07.26 02:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\toshiba
[2013.01.31 10:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2011.07.26 02:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fbwuser\Data aplikací\toshiba
[2013.01.31 10:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\fbwuser\Data aplikací\TuneUp Software
[2014.08.29 08:52:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2013.08.04 12:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus
[2013.07.04 17:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AppClient
[2014.04.02 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Audacity
[2014.08.28 08:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVG
[2014.09.11 09:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVG Web TuneUp
[2013.10.23 10:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVG2014
[2013.02.10 14:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Broad Intelligence
[2012.04.14 19:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer
[2011.09.19 22:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer Pro
[2012.07.03 16:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\GHISLER
[2013.06.14 09:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\HellSpy.cz Download Manager
[2013.08.18 11:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\InterTrust
[2013.09.03 14:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\KB-ext
[2012.01.26 02:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\klonsoft
[2012.07.22 14:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\MOVAVI
[2012.05.10 20:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Opera
[2013.11.29 15:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Orange
[2014.09.29 21:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz
[2013.01.16 23:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Subtitles-1.3
[2011.10.01 16:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Telefónica Móviles
[2012.10.05 21:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\toshiba
[2013.11.29 15:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\translateclient
[2013.05.23 10:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\TuneUp Software
[2011.10.03 08:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Yamb

========== Purity Check ==========



========== Custom Scans ==========

< >
[2008.08.19 12:58:36 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008.08.19 13:11:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.08.09 12:48:21 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2014.03.08 11:34:15 | 000,000,216 | ---- | C] () -- C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.08 11:34:15 | 000,000,222 | ---- | C] () -- C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.09.10 19:03:13 | 000,000,934 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2014.09.10 19:03:14 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:AGP440.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\I386\AUTOCHK.EXE
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:Changer.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: IASTOR.SYS >
[2008.04.15 17:54:16 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\OemDir\iaStor.sys
[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\DRVSTORE\iaAHCI_E7EB69FF3449D216602D0D37A1D73969621673A9\iaStor.sys
[2008.04.15 17:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\I386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
[2008.04.14 14:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=F209B5C79A87A9521DC0BD88B039EEE3 -- C:\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[25 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.08.04 12:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus
[2013.08.20 14:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Adobe
[2013.07.04 17:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AppClient
[2011.09.18 11:19:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Apple Computer
[2012.03.13 22:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\ArcSoft
[2014.04.02 12:39:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Audacity
[2014.08.28 08:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVG
[2014.09.11 09:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVG Web TuneUp
[2013.10.23 10:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVG2014
[2012.07.21 19:07:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\AVS4YOU
[2013.02.10 14:06:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Broad Intelligence
[2012.04.14 19:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer
[2011.09.19 22:00:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer Pro
[2011.10.30 23:39:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\DivX
[2012.07.03 16:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\GHISLER
[2013.06.14 09:33:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\HellSpy.cz Download Manager
[2013.09.06 18:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Help
[2012.03.13 22:04:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application
[2011.07.26 02:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Identities
[2011.07.26 02:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\InstallShield
[2013.08.18 11:16:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\InterTrust
[2013.09.03 14:37:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\KB-ext
[2012.01.26 02:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\klonsoft
[2014.09.10 19:36:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\LavasoftStatistics
[2011.07.25 21:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Macromedia
[2014.09.19 16:36:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
[2014.05.17 15:53:05 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ondra\Data aplikací\Microsoft
[2012.07.22 14:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\MOVAVI
[2013.07.07 19:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Mozilla
[2012.05.10 20:57:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Opera
[2013.11.29 15:27:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Orange
[2014.09.29 21:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz
[2014.03.08 13:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Skype
[2013.01.16 23:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Subtitles-1.3
[2011.07.26 02:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Sun
[2011.10.01 16:37:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Telefónica Móviles
[2012.10.05 21:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\toshiba
[2013.11.29 15:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\translateclient
[2013.05.23 10:30:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\TuneUp Software
[2011.10.03 08:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Yamb

< %APPDATA%\*.exe /s >
[2013.07.04 17:44:09 | 002,834,432 | ---- | M] (DOSBox Team) -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Dosbox\dosbox.exe
[2013.07.04 17:44:14 | 000,265,420 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\dos4gw.exe
[2013.07.04 17:44:14 | 000,077,546 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\install.exe
[2013.07.04 17:44:14 | 000,003,054 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\mm2-crk.exe
[2013.07.04 17:44:14 | 000,601,774 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\mm2.exe
[2013.07.04 17:44:14 | 000,009,366 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\trainer.exe
[2013.07.04 17:44:16 | 000,077,546 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\cfg\install.exe
[2013.07.04 17:44:20 | 000,030,344 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Packages\Micro-Machines-2\maps\wordymap.exe
[2013.07.04 17:44:02 | 000,145,408 | ---- | M] (Free Game Empire) -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Starter\EmulatorLoader.exe
[2013.07.04 17:44:03 | 000,078,336 | ---- | M] (Free Game Empire) -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\Starter\EmulatorStarter.exe
[2013.07.04 17:44:02 | 000,145,408 | ---- | M] (Free Game Empire) -- C:\Documents and Settings\Ondra\Data aplikací\AppClient\StarterArchive\EmulatorLoader.exe
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\BSplayer\Haali media splitter\uninstall.exe
[2009.09.14 19:21:48 | 000,606,208 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application\HPSSBackup.exe
[2009.09.14 19:23:18 | 001,048,576 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application\HPSSBackupMonitor.exe
[2009.09.14 19:22:42 | 000,598,016 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application\HPSSRestore.exe
[2009.07.29 02:28:12 | 000,075,024 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application\UACToken.exe
[2009.05.16 00:04:36 | 000,133,120 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application\VSSCpy.exe
[2009.05.16 00:04:30 | 000,170,496 | ---- | M] (ArcSoft, Inc.) -- C:\Documents and Settings\Ondra\Data aplikací\HP SimpleSave Application\VSSCpy64.exe
[2013.09.03 14:37:49 | 001,175,960 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\KB-ext\lib\unins000.exe
[2014.07.27 00:05:57 | 018,594,480 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Ondra\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.07.01 11:12:16 | 000,016,896 | ---- | M] (France Telecom) -- C:\Documents and Settings\Ondra\Data aplikací\Orange\OrangeToolbarFR\5\Server\OrangeTLBSync.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\sznsetup.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 11:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 13:52:36 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\data\ffinstall\regctrl.exe
[2013.01.16 23:51:47 | 001,067,294 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Subtitles-1.3\unins000.exe
[2008.11.06 11:38:30 | 000,143,360 | ---- | M] (Explorer Context Menu Systems, Inc.) -- C:\Documents and Settings\Ondra\Data aplikací\Subtitles-1.3\Application Files\Subtitles-1.3\ShellMenu.exe
[2012.10.09 10:59:22 | 000,015,872 | ---- | M] (Subtitles.com.br) -- C:\Documents and Settings\Ondra\Data aplikací\Subtitles-1.3\Application Files\Subtitles-1.3\Subtitles-1.3.exe
[2009.06.29 08:26:54 | 000,235,764 | ---- | M] () -- C:\Documents and Settings\Ondra\Data aplikací\Yamb\MP4Box.exe
[2011.10.03 08:57:17 | 000,128,689 | ---- | M] (http://yamb.unite-video.com) -- C:\Documents and Settings\Ondra\Data aplikací\Yamb\Uninstall.exe
[2009.06.29 14:15:56 | 002,424,832 | ---- | M] (Kurtnoise) -- C:\Documents and Settings\Ondra\Data aplikací\Yamb\Yamb.exe
[2009.05.03 20:25:40 | 001,871,360 | ---- | M] (madshi.net) -- C:\Documents and Settings\Ondra\Data aplikací\Yamb\eac3to\eac3to.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.08.19 15:02:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.08.19 15:02:32 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.08.19 15:02:31 | 000,495,616 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.09.29 21:02:57 | 000,001,158 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"TOSCDSPD" = C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe -- [2005.04.12 10:31:40 | 000,065,536 | ---- | M] (TOSHIBA)
"cz.seznam.software.autoupdate" = "C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 10:10:22 | 000,092,664 | ---- | M] ()
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
"" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.02 08:47:12 | 000,000,512 | ---- | M] () MD5=60801419DE97B074FA62A2C4B10F74B2 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.09.10 02:12:34 | 001,728,512 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\Plug-ins\en_US\VSTPlugins\DeCrackler1.dll
[2008.09.10 02:12:34 | 001,728,512 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\Plug-ins\en_US\VSTPlugins\DeCrackler2.dll
[2008.09.10 02:12:34 | 001,728,512 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\Plug-ins\en_US\VSTPlugins\DeCrackler6.dll

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.11.11 15:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.11.11 15:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 15:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 15:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.11.11 15:39:40 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.08.12 17:06:21 | 000,000,890 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk
[2011.08.14 14:13:16 | 000,000,986 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
[2011.12.10 01:17:11 | 000,000,827 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Utilities\Uploader Software.lnk
[2013.07.04 17:44:02 | 000,145,408 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\AppClient\Starter\EmulatorLoader.exe
[2013.07.04 17:44:02 | 000,145,408 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\AppClient\StarterArchive\EmulatorLoader.exe
[2011.07.01 11:12:56 | 000,009,353 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Orange\OrangeToolbarFR\5\Resources\loader.gif
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\27611libfoxloader.dll
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Seznam.cz\bin\4368libfoxloader-x64.dll
[2013.05.08 16:22:28 | 000,000,165 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Documents and Settings\Ondra\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.09.04 13:37:47 | 000,000,121 | ---- | M] () -- \Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\YAGGGRWR\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2008.04.14 14:00:00 | 000,017,421 | ---- | M] () -- \I386\DMLOADER.DL_
[2008.04.14 14:00:00 | 000,115,367 | ---- | M] () -- \I386\OSLOADER.EX_
[2008.04.14 14:00:00 | 000,133,029 | ---- | M] () -- \I386\OSLOADER.NT_
[2008.08.26 01:32:24 | 000,217,088 | ---- | M] () -- \Program Files\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2008.09.09 17:06:42 | 000,217,088 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2014.09.11 09:51:01 | 000,004,178 | ---- | M] () -- \Program Files\AVG Web TuneUp\Chrome\popup\images\loader.gif
[2002.08.06 14:37:50 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2011.07.25 19:49:35 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2013.02.01 13:47:50 | 000,003,072 | ---- | M] () -- \Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_serials4you.cz_0.localstorage
[2013.02.01 13:48:48 | 000,003,072 | ---- | M] () -- \Documents and Settings\Ondra\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\http_www.serialsonline.8u.cz_0.localstorage
[2008.04.14 14:00:00 | 000,024,957 | ---- | M] () -- \I386\DPSERIAL.DL_
[2008.04.14 14:00:00 | 000,030,259 | ---- | M] () -- \I386\SERIAL.SY_
[2008.04.14 14:00:00 | 000,006,549 | ---- | M] () -- \I386\SERIALUI.DL_
[2008.09.09 15:02:38 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\LMResources\BadSerialNumberAlert.exv
[2008.09.09 15:02:38 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008.09.09 15:02:38 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008.09.09 15:02:38 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\LMResources\ReserializeAlert.exv
[2008.09.09 15:02:38 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\LMResources\SerializationWF.exv
[2008.09.09 16:49:02 | 000,095,232 | ---- | M] () -- \Program Files\Adobe\Adobe Premiere Pro CS4\Plug-ins\Common\DeviceControlSerial.prm
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.07.25 08:16:57 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008.02.21 19:19:56 | 000,051,622 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\smserial.inf
[2008.02.21 19:37:40 | 001,197,568 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\amd64\SmSerial.sys
[2008.02.21 19:29:00 | 001,092,608 | ---- | M] () -- \Toshiba\Drivers\Motorola Modem Driver\VISTAXP2K\x86\SmSerial.sys
[2008.08.19 13:33:01 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.08.19 13:33:40 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2008.08.19 13:35:25 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.15 09:24:07 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.10 09:18:38 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.17 12:49:09 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.16 17:49:47 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2013.08.16 17:06:07 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.16 16:27:15 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 19:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.12.20 18:13:56 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >
Nahoru
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#21 Příspěvek od maclo »

OTL Extras logfile created on: 2.10.2014 8:43:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ondra\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,87 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 52,27% Memory free
3,72 Gb Paging File | 2,18 Gb Available in Paging File | 58,59% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 4,81 Gb Free Space | 9,86% Space Free | Partition Type: NTFS

Computer Name: ONDRA-NB | User Name: Ondra | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit -- (Ghisler Software GmbH)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{07F58BB0-50D4-4477-B491-A97B2AD059B6}" = TOSHIBA Hotkey Utility
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = Assist TOSHIBA
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}" = Atheros Client Utility
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = TOSHIBA PC Diagnostic Tool
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3F54F267-36AF-425F-9507-4D5E13D59966}" = AVG 2014
"{400830CA-F056-4BBE-80A3-9DF9CA4FB889}" = TOSHIBA Direct Disc Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1" = HellSpy Klient verze 0.8.0
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{6068A42A-C1CF-45F2-9859-5DB16287FE5D}" = msvcrt_installer
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61B84435-7A82-4F5C-87EC-1071EC28D72D}" = TOSHIBA Utilities
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = Nástroj TOSHIBA Zooming Utility
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67A594B2-EB60-4C6C-9F21-20F76EDB8F4F}" = Návody TOSHIBA
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.5
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F7AC250-4D7D-431D-AC4E-94FB78EA3F8B}" = Řízení spotřeby TOSHIBA
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = Ztlumení jednotky CD/DVD
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A35065BD-3077-435B-ABE5-80ADC6282046}_is1" = Subtitles 1.3
"{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1" = WAV MP3 Converter v4.4 build 1429
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C02A6D5F-0FE1-46DE-B483-2BD33A226BCF}" = TOSHIBA TouchPad ON/Off Utility
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D10CB652-9332-4242-B7A9-2D61570144F7}" = USB 2.0 Card Reader
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F37413EB-9B55-4764-AC88-90BCBB3D4695}" = AVG 2014
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 6.0 Tryout" = Adobe Photoshop 6.0 Tryout
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"AVG" = AVG 2014
"AVG Web TuneUp" = AVG Web TuneUp
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Convert WAV To MP3_is1" = Convert WAV To MP3 1.0
"DivX Setup" = DivX Setup
"Free WAV to MP3 Converter" = Free WAV to MP3 Converter
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{2C38F661-26B7-445D-B87D-B53FE2D3BD42}" = Nástroj pro diagnostiku počítače TOSHIBA
"LAME_is1" = LAME v3.99.3 (for Windows)
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"O2CZ" = O2
"PEKI dictionary" = PEKI dictionary 1.21
"PROHYBRIDR" = 2007 Microsoft Office system
"rajče.net_is1" = rajče průvodce verze 1.59.25.240
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"Shuangs WAV to MP3 Converter_is1" = Shuangs WAV to MP3 Converter 2.2
"Sony Digital Voice Player Ver.2.1" = Sony Digital Voice Player Ver.2.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TCEssentials" = TC Native Essentials 2.02
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Totalcmd" = Total Commander (Remove or Repair)
"WAV to MP3 Converter_is1" = WAV to MP3 Converter 3.3
"WinDjView" = WinDjView 2.0.2
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.8.2014 5:52:59 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 8.1.0.137, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.8.2014 16:21:09 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace POWERPNT.EXE, verze 12.0.6600.1000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.8.2014 12:10:36 | Computer Name = ONDRA-NB | Source = ESENT | ID = 490
Description = wuauclt (4956) Pokus o otevření souboru C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 9.9.2014 14:45:17 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OUTLOOK.EXE, verze 12.0.6691.5000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.9.2014 10:38:34 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.75.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.9.2014 12:47:11 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6700.5000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.9.2014 14:31:38 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 8.1.0.137, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.9.2014 14:55:57 | Computer Name = ONDRA-NB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 20.9.2014 14:55:57 | Computer Name = ONDRA-NB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 20.9.2014 14:55:57 | Computer Name = ONDRA-NB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

[ Application Events ]
Error - 6.8.2014 5:52:59 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 8.1.0.137, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.8.2014 16:21:09 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace POWERPNT.EXE, verze 12.0.6600.1000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 31.8.2014 12:10:36 | Computer Name = ONDRA-NB | Source = ESENT | ID = 490
Description = wuauclt (4956) Pokus o otevření souboru C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 9.9.2014 14:45:17 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace OUTLOOK.EXE, verze 12.0.6691.5000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.9.2014 10:38:34 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace mbam.exe, verze 1.75.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.9.2014 12:47:11 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6700.5000, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.9.2014 14:31:38 | Computer Name = ONDRA-NB | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AcroRd32.exe, verze 8.1.0.137, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 20.9.2014 14:55:57 | Computer Name = ONDRA-NB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 20.9.2014 14:55:57 | Computer Name = ONDRA-NB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 20.9.2014 14:55:57 | Computer Name = ONDRA-NB | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

[ OSession Events ]
Error - 9.12.2011 14:51:18 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error - 26.5.2012 4:22:05 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1383904
seconds with 67320 seconds of active time. This session ended with a crash.

Error - 8.8.2012 7:13:24 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1132271
seconds with 34260 seconds of active time. This session ended with a crash.

Error - 11.4.2013 2:44:21 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 431628
seconds with 58500 seconds of active time. This session ended with a crash.

Error - 31.7.2013 4:31:45 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 592588
seconds with 75960 seconds of active time. This session ended with a crash.

Error - 25.10.2013 12:10:45 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8740
seconds with 3420 seconds of active time. This session ended with a crash.

Error - 16.1.2014 4:26:27 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 757894
seconds with 116640 seconds of active time. This session ended with a crash.

Error - 2.3.2014 13:18:48 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 76743
seconds with 9180 seconds of active time. This session ended with a crash.

Error - 28.3.2014 13:27:23 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 181783
seconds with 35100 seconds of active time. This session ended with a crash.

Error - 31.5.2014 13:43:35 | Computer Name = ONDRA-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1419299
seconds with 124380 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 26.9.2014 11:40:57 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 26.9.2014 15:29:11 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 27.9.2014 1:43:49 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 27.9.2014 13:11:20 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 28.9.2014 2:16:49 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 29.9.2014 2:15:18 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 29.9.2014 11:26:18 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.101 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 29.9.2014 15:02:54 | Computer Name = ONDRA-NB | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: atapi PCIIde

Error - 30.9.2014 4:15:51 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.0.100 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.

Error - 2.10.2014 2:23:43 | Computer Name = ONDRA-NB | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 10.0.0.42 pro síťovou kartu se síťovou
adresou 002163FCCB59 byla ukončena.


< End of report >
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zasekaný PC

#22 Příspěvek od Márty84 »

:arrow: Napiste mi velikost adresare plochy (C:\Documents and Settings\Ondra\Plocha)




:!: Vypnete antivir, at nebrani programu v praci.
:arrow: Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
MBAMSwissArmy
JavaQuickStarterService
gupdate
SkypeUpdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-801234099-1104799117-73996938-1005\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
[2014.09.29 20:30:26 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014.09.19 16:46:58 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2014.09.19 16:36:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes
[2014.09.19 16:35:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.09.29 20:30:26 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2013.07.24 13:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus
[2013.08.04 12:12:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus
[25 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\CSC\*.tmp files -> C:\WINDOWS\CSC\*.tmp -> ]
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"=-
"seznam-listicka-distribuce"=-
"SunJavaUpdateSched"=-
"QuickTime Task"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#23 Příspěvek od maclo »

Velikost adresáře je 645 MB. Log po opravě:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: fbwuser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Hudson

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Ondra
->Temp folder emptied: 6752282 bytes
->Temporary Internet Files folder emptied: 12208969 bytes
->Google Chrome cache emptied: 249986633 bytes
->Flash cache emptied: 18594691 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1127 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 2345 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 67 bytes
RecycleBin emptied: 18941367 bytes

Total Files Cleaned = 292,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: fbwuser

User: Hudson

User: LocalService

User: NetworkService

User: Ondra
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service MBAMSwissArmy stopped successfully!
Service MBAMSwissArmy deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\etrading\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\sign\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojebanka.cz\www\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-801234099-1104799117-73996938-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mojeplatba.cz\www\ deleted successfully.
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
Invalid CLSID key: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
File C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
C:\zoek_backup\C_WINDOWS_System32_searchplugins folder moved successfully.
C:\zoek_backup\C_WINDOWS_System32_Extensions folder moved successfully.
C:\zoek_backup\C_SUPPORT\TOOLS folder moved successfully.
C:\zoek_backup\C_SUPPORT\DRV\xp3264-v10.0.0.274-whql folder moved successfully.
C:\zoek_backup\C_SUPPORT\DRV\Korol-Lir-S01E02-0000228581-30283248 folder moved successfully.
C:\zoek_backup\C_SUPPORT\DRV\Korol-Lir-Part-I-DVDRip-XviD-by-MakingOff-Org-eng-20042818 folder moved successfully.
C:\zoek_backup\C_SUPPORT\DRV\Faust-2011-DVDRip-AC3-HORiZON-ArtSubs-12635838 folder moved successfully.
C:\zoek_backup\C_SUPPORT\DRV folder moved successfully.
C:\zoek_backup\C_SUPPORT folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\lib folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\SystemV folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Pacific folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Indian folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Europe folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Etc folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Australia folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Atlantic folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Asia folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Antarctica folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\America\North_Dakota folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\America\Kentucky folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\America\Indiana folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\America\Argentina folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\America folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi\Africa folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\zi folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\servicetag folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\security folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\management folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\images\cursors folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\images folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\im folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\i386 folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\fonts folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\ext folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\deploy\jqs\ie folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\deploy\jqs\ff\chrome\content folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\deploy\jqs\ff\chrome folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\deploy\jqs\ff folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\deploy\jqs folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\deploy folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\cmm folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\audio folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib\applet folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\lib folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\bin\server folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\bin\new_plugin folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\bin\client folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6\bin folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient\jre6 folder moved successfully.
C:\zoek_backup\C_Program Files_HellSpy Klient folder moved successfully.
C:\zoek_backup\C_Program Files_ComPlus Applications folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_{174892B1-CBE7-44F5-86FF-AB555EFD73A3} folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_{01BD4FC9-2F86-4706-A62E-774BB7E9D308} folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_InstallMate\{6C20EA5A-7520-460B-A4E0-3D02B7C3C8AC} folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_InstallMate folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_Cloud Software LTD\Setup folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_Cloud Software LTD folder moved successfully.
C:\zoek_backup\C_DOCUME~1_ALLUSE~1_DATAAP~1_Avg_Update_0814tb folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Ondra_Local Settings_Data aplikací_adawarebp\data folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Ondra_Local Settings_Data aplikací_adawarebp folder moved successfully.
C:\zoek_backup\C_Documents and Settings_Ondra_Data aplikací_Yandex folder moved successfully.
C:\zoek_backup\C_Documents and Settings_NetworkService_Local Settings_Data aplikací_BS_Player\Logs folder moved successfully.
C:\zoek_backup\C_Documents and Settings_NetworkService_Local Settings_Data aplikací_BS_Player folder moved successfully.
C:\zoek_backup\C_Documents and Settings_LocalService_Data aplikací_Hotspot Shield\report folder moved successfully.
C:\zoek_backup\C_Documents and Settings_LocalService_Data aplikací_Hotspot Shield folder moved successfully.
C:\zoek_backup folder moved successfully.
C:\WINDOWS\system32\drivers\mbamswissarmy.sys moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Malwarebytes folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes folder moved successfully.
C:\WINDOWS\zoek-delete.exe moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140914T180658.203125PID1916 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140910T173528.359375PID1964 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140906T055847.484375PID1640 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140902T105136.375000PID3572 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140828T074318.093750PID3204 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140828T063539.078125PID2068 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140822T180048.687500PID2284 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140802T175326.718750PID1100 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140727T111539.937500PID1816 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140726T213437.203125PID1096 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140717T182400.703125PID2372 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140704T071103.703125PID868 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140702T062545.546875PID1776 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140619T182027.796875PID2360 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140617T105150.500000PID2144 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140612T073857.203125PID2064 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140603T044308.125000PID3988 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140515T072648.062500PID3972 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140511T065117.828125PID1024 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140508T070124.531250PID1796 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140505T183736.203125PID3440 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140502T193917.656250PID4076 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140428T195052.328125PID3720 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140426T083254PID4044 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140425T153818.421875PID1932 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140418T220641.656250PID2072 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140416T085524.546875PID3256 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140411T071248.687500PID1796 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140404T103125.578125PID592 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140401T194457.500000PID2436 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140329T191150.703125PID224 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140326T134150.171875PID1140 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140317T190132.296875PID1900 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140315T090511.593750PID636 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140311T175737.406250PID792 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140310T210140.140625PID1020 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140308T093405.890625PID684 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140302T200346.890625PID1836 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140224T183529.718750PID2016 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140224T091613.843750PID1096 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140217T191250.359375PID204 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140215T081033.390625PID900 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140212T221715.921875PID1520 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140131T141749.937500PID268 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140129T094458.031250PID944 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140116T085412.875000PID3628 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140107T095711.203125PID2576 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20140107T091735.062500PID684 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131223T074939.531250PID1788 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131222T210009.250000PID816 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131221T100329.062500PID1092 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131213T133556.218750PID808 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131202T131020.031250PID2476 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131129T130457.203125PID1028 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131126T132748PID1748 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131125T162445.796875PID2260 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131115T131149.687500PID2092 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131025T134437.890625PID2332 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131024T165525.656250PID1444 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131023T085557PID1236 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20131016T181902.406250PID1912 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130921T152712.656250PID2068 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130907T134958.765625PID884 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130820T122004.890625PID884 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130818T090812.984375PID856 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130818T085525.828125PID1688 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130818T084524.328125PID772 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130815T063629.578125PID1904 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130804T110547.609375PID664 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130731T083355.640625PID924 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs\20130724T110553.375000PID3048 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Antivirus folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140914T200143.968750PID2948 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140914T180757.375000PID3348 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140914T180656.375000PID1084 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140910T173610.734375PID2328 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140910T173602.937500PID2828 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140906T055926.765625PID3780 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140906T055915.062500PID784 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140902T105303.125000PID3056 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140902T105123.187500PID2028 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140828T074414.843750PID764 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140828T074312.187500PID2128 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140828T063638.984375PID2848 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140828T063537.750000PID1088 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140822T180153.093750PID2192 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140822T180042.671875PID2052 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140817T100000.109375PID2392 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140810T100000.125000PID5916 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140803T100000.171875PID3200 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140802T175346.812500PID2676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140802T175338.421875PID2380 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140727T111752.937500PID3312 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140727T111746.796875PID2592 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140726T215757.734375PID2292 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140726T215753.046875PID5380 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140726T213446.968750PID2464 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140726T213438.312500PID1676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140720T100000.093750PID4080 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140717T182524.382875PID2780 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140717T182355.765625PID964 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140706T100000.140625PID912 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140704T071117.421875PID2368 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140704T071114.734375PID2296 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140702T062724.234375PID1044 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140702T062721.421875PID980 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140622T100000.093750PID5748 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140619T182037.312500PID2624 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140619T182030.468750PID2464 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140617T105253.281250PID3028 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140617T105150.109375PID1872 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140612T074004.250000PID2872 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140612T073853.578125PID1020 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140608T100000.062500PID2720 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140603T044359.234375PID1992 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140603T044209.250000PID2568 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140515T072721.937500PID2208 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140515T072544.687500PID320 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140511T100000.135875PID3028 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140511T065150.062500PID3108 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140511T065140.609375PID2624 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140508T070232.468750PID3464 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140508T070229.953125PID2268 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140505T183814.390625PID3008 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140505T183644.906250PID2356 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140504T100000.062500PID4720 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140502T194000.640625PID2800 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140502T193817.171875PID2496 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140428T195128.421875PID3272 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140428T194954.765625PID2080 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140426T083342.343750PID2756 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140426T083158.234375PID2472 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140425T153934.593750PID3676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140425T153921.265625PID2832 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140418T220744.734375PID1816 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140418T220637.359375PID840 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140416T085558.125000PID2628 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140416T085425.093750PID1692 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140413T100000.171875PID6032 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140411T071257.390625PID2596 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140411T071253.828125PID2384 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140406T100000.093750PID5724 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140404T103149.343750PID2536 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140404T103133.265625PID1680 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140401T194552.187500PID1892 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140401T194451.250000PID1256 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140329T191225.484375PID3280 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140329T191217.968750PID2540 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140326T134301.281250PID2684 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140326T134257.937500PID2200 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140323T110000.062500PID2192 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140317T190207.859375PID3208 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140317T190158.703125PID2676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140315T090626.828125PID1644 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140315T090620.750000PID3632 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140311T175815.546875PID724 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140311T175812.140625PID3656 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140310T210203.906250PID3676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140310T210158.984375PID2796 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140308T093453.500000PID3144 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140308T093434.203125PID3152 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140302T200426.406250PID3324 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140302T200412.609375PID2600 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140302T110001.656250PID2628 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140302T110000.093750PID4692 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140224T183617.281250PID3440 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140224T183612PID3972 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140224T091637.343750PID2580 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140224T091628.562500PID2288 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140217T191337.234375PID3612 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140217T191325.906250PID2928 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140216T110000.093750PID4364 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140215T081529.171875PID3548 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140215T081522.703125PID692 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140212T221757.828125PID3884 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140212T221738.281250PID2608 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140131T141831.828125PID2384 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140131T141825.187500PID3748 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140129T095144.015625PID3068 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140129T095139.140625PID2856 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140119T110000.062500PID3836 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140116T085448.093750PID3896 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140116T085333.937500PID1920 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140112T110000.031250PID5104 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140107T095738.984375PID2184 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140107T095659.312500PID724 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140107T091741.140625PID2208 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140107T091736.234375PID832 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20140105T110000.234375PID3924 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131223T074955.781250PID2276 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131223T074947.984375PID620 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131222T210107.281250PID2292 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131222T210057.937500PID3556 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131222T110000.093750PID1880 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131221T100816.031250PID3304 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131221T100813.250000PID200 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131215T110000.062500PID3392 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131213T133610.031250PID2372 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131213T133601.250000PID1848 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131202T131113.031250PID676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131202T131006.593750PID1044 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131201T110000.062500PID2296 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131129T130516.718750PID2520 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131129T130510.640625PID2404 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131126T132956.546875PID976 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131126T132953.828125PID2616 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131125T162555.531250PID2316 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131125T162444.500000PID2080 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131124T110000.062500PID5944 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131115T131201.015625PID2524 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131115T131149.625000PID2084 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131110T110000.031250PID2996 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131027T110000.062500PID4108 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131025T134445.203125PID2712 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131025T134437.734375PID2312 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131024T165612.281250PID4092 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131024T165605.734375PID3740 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131023T085646.703125PID3676 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131023T085631.875000PID3004 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131016T182121.296875PID4072 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131016T182119.718750PID3916 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131013T100000.062500PID5160 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131010T053303.765625PID3100 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131009T191625.937500PID2648 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131009T191622.906250PID1688 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131009T181235.671875PID2560 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20131006T100000.093750PID1696 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130921T152722.203125PID2508 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130921T152718.828125PID2336 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130907T135108.078125PID2284 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130907T135105.296875PID2476 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130825T100000.078125PID5892 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130820T122114.265625PID3368 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130820T122102.203125PID2088 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T100000.765625PID5864 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T090830.078125PID2844 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T090819.171875PID2284 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T085555.312500PID3512 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T085545.843750PID2612 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T084545.453125PID2916 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130818T084536.406250PID2536 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130815T063652.531250PID2612 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130815T063649.531250PID2380 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130804T110621.218750PID3328 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130804T110611.218750PID2780 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130804T100000.125000PID4268 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130731T083503.562500PID772 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130731T083450.390625PID3032 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130728T100000.140625PID3152 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130724T110556.062500PID5620 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130724T110551.218750PID788 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130724T105215.687500PID4244 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs\20130724T104730.406250PID4768 folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus\Logs folder moved successfully.
C:\Documents and Settings\Ondra\Data aplikací\Ad-Aware Antivirus folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP223.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP275.tmp\System.DirectoryServices.AccountManagement.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP275.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP321.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP407.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP58.tmp\System.Data.Entity.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP58.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5D2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CF.tmp\System.Data.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6D9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP702.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP924.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDD7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPED4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF18.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFCD.tmp folder deleted successfully.
C:\WINDOWS\CSC\csc1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI530F.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10042014_140016

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zasekaný PC

#24 Příspěvek od Márty84 »

:arrow: Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku :D



:arrow: Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

:arrow:
vyosek píše: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc. Pokud bude vse v poradku, mame hotovo.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#25 Příspěvek od maclo »

OK, měl jsem na ploše soubor s fotkami a bez nich má plocha velikost sotva 3 MB. ;-)
Nicméně stále mi lezou do google-chrome prohlížeče ty zpomalující app cache...
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zasekaný PC

#26 Příspěvek od Márty84 »

Chrome odinstalujte, vycistete CCleanerem a ADWCleanerem a pak zkuste Chrome opet nainstalovat.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
maclo
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 10 zář 2014 17:40

Re: Zasekaný PC

#27 Příspěvek od maclo »

Díky, udělal jsem to.. teď se uvidí časem, jestli je to pryč, nebo ne.
Je to všechno, nebo ještě něco budeme s PC provádět?
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: Zasekaný PC

#28 Příspěvek od Márty84 »

Pokud jede pc jak ma, je to vse :)

Tak to chvili testujte a dejte vedet, jak to vypada.

Neni zac! ;-)



10.11. :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“