Re: Please check my log

Posted: 20 Oct 2013 12:57
by Claire*
[2013.10.12 19:01:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2013.10.12 19:01:19 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2013.10.12 19:01:19 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2013.10.12 19:01:19 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2013.10.12 19:01:19 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sessmgr.exe
[2013.10.12 19:01:19 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2013.10.12 19:01:19 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2013.10.12 19:01:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2013.10.12 19:01:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpclip.exe
[2013.10.12 19:01:19 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2013.10.12 19:01:19 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2013.10.12 19:01:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2013.10.12 19:01:19 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2013.10.12 19:01:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2013.10.12 19:01:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2013.10.12 19:01:19 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icaapi.dll
[2013.10.12 19:01:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2013.10.12 19:01:18 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2013.10.12 19:01:18 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2013.10.12 19:01:18 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2013.10.12 19:01:18 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2013.10.12 19:01:18 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2013.10.12 19:01:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2013.10.12 19:01:18 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2013.10.12 19:01:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2013.10.12 19:01:18 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xolehlp.dll
[2013.10.12 19:01:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2013.10.12 19:01:17 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comadmin.dll
[2013.10.12 19:01:17 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2013.10.12 19:01:17 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2013.10.12 19:01:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2013.10.12 19:01:17 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2013.10.12 19:01:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2013.10.12 19:01:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2013.10.12 19:01:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2013.10.12 19:01:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2013.10.12 19:01:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2013.10.12 19:01:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2013.10.12 19:01:16 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvut.dll
[2013.10.12 19:01:16 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrv.dll
[2013.10.12 19:01:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatex.dll
[2013.10.12 19:01:16 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2013.10.12 19:01:16 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.dll
[2013.10.12 19:01:16 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2013.10.12 19:01:16 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2013.10.12 19:01:16 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2013.10.12 19:01:16 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2013.10.12 19:01:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2013.10.12 19:01:16 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2013.10.12 19:01:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2013.10.12 19:01:16 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2013.10.12 19:01:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2013.10.12 19:01:15 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsvcs.dll
[2013.10.12 19:01:15 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comuid.dll
[2013.10.12 19:01:15 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2013.10.12 19:01:15 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clbcatq.dll
[2013.10.12 19:01:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2013.10.12 19:01:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2013.10.12 19:01:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiutils.dll
[2013.10.12 19:01:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiadap.exe
[2013.10.12 19:01:13 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipcima.dll
[2013.10.12 19:01:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmisvc.dll
[2013.10.12 19:01:13 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprov.dll
[2013.10.12 19:01:13 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2013.10.12 19:01:13 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2013.10.12 19:01:13 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapsrv.exe
[2013.10.12 19:01:13 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2013.10.12 19:01:13 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2013.10.12 19:01:13 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2013.10.12 19:01:13 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2013.10.12 19:01:13 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2013.10.12 19:01:13 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2013.10.12 19:01:12 | 000,531,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcore.dll
[2013.10.12 19:01:12 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemess.dll
[2013.10.12 19:01:12 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcomn.dll
[2013.10.12 19:01:12 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2013.10.12 19:01:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2013.10.12 19:01:12 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2013.10.12 19:01:12 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2013.10.12 19:01:12 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2013.10.12 19:01:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcons.dll
[2013.10.12 19:01:12 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemsvc.dll
[2013.10.12 19:01:12 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemprox.dll
[2013.10.12 19:01:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2013.10.12 19:01:11 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2013.10.12 19:01:11 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\repdrvfs.dll
[2013.10.12 19:01:11 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofd.dll
[2013.10.12 19:01:11 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2013.10.12 19:01:11 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ncprov.dll
[2013.10.12 19:01:11 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2013.10.12 19:01:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2013.10.12 19:01:11 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2013.10.12 19:01:10 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cimwin32.dll
[2013.10.12 19:01:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\esscli.dll
[2013.10.12 19:01:10 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2013.10.12 19:01:09 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2013.10.12 19:01:09 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2013.10.12 19:01:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2013.10.12 19:01:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licwmi.dll
[2013.10.12 19:01:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2013.10.12 19:01:09 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2013.10.12 19:01:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2013.10.12 19:01:09 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2013.10.12 18:52:46 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Příslušenství
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.10.20 12:44:23 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.10.20 12:42:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.20 12:32:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.10.20 12:22:53 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.10.20 12:22:01 | 003,608,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.20 12:21:49 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.20 12:21:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.10.20 11:58:21 | 000,435,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.10.20 11:58:21 | 000,431,648 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.10.20 11:58:21 | 000,078,694 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.10.20 11:58:21 | 000,068,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.10.18 18:45:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.10.17 18:57:40 | 000,005,632 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.16 20:50:35 | 000,000,680 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\PDF Architect.lnk
[2013.10.16 20:43:02 | 000,000,706 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\PDFCreator.lnk
[2013.10.16 17:12:01 | 000,001,841 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\capcerny.gif
[2013.10.15 20:32:55 | 000,001,590 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Stellarium.lnk
[2013.10.15 20:19:50 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.10.14 20:33:18 | 000,117,725 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Untitled 1.jpg
[2013.10.14 18:43:13 | 000,054,376 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013.10.14 15:15:56 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.10.13 13:54:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI
[2013.10.13 11:39:53 | 000,000,771 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\PhotoFiltre Studio X.lnk
[2013.10.13 11:38:11 | 000,000,828 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Youtube Downloader HD.lnk
[2013.10.13 11:19:33 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\KMPlayer.lnk
[2013.10.13 11:08:20 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2013.10.13 10:28:25 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Epson Easy Photo Print.lnk
[2013.10.13 10:27:13 | 000,000,306 | ---- | M] () -- C:\WINDOWS\setup.iss
[2013.10.13 10:24:41 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\EPSON Scan.lnk
[2013.10.13 00:22:41 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader XI.lnk
[2013.10.12 22:22:14 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2013.10.12 22:16:58 | 000,000,548 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Total Commander.lnk
[2013.10.12 21:23:45 | 000,001,486 | ---- | M] () -- C:\WINDOWS\ATICIM.INI
[2013.10.12 21:03:03 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
[2013.10.12 20:51:08 | 000,005,208 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF
[2013.10.12 20:48:05 | 000,001,519 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AvRack.lnk
[2013.10.12 20:14:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.10.12 20:14:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.10.12 20:07:57 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2013.10.12 20:05:29 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.10.12 19:12:32 | 000,013,588 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2013.10.12 19:08:08 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2013.10.12 19:07:13 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.10.12 19:05:14 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.10.12 19:05:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013.10.12 19:05:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013.10.12 19:05:14 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2013.10.12 19:05:14 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2013.10.12 19:05:06 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2013.10.12 19:05:05 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.10.12 19:05:05 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.10.12 19:04:57 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.10.12 19:02:33 | 000,021,812 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.10.12 18:52:17 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013.10.08 07:50:41 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.10.08 07:46:52 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.10.08 07:46:47 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.10.08 07:46:23 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.10.08 07:29:36 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.10.06 11:09:02 | 000,388,590 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\DSC02828.jpg
[2013.10.06 10:30:50 | 002,652,630 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\IMG_0784.jpg
[2013.10.01 19:53:52 | 000,899,032 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\del2.png
[2013.09.23 23:55:10 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013.09.23 20:25:11 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013.09.23 20:25:11 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013.09.23 20:25:11 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013.09.23 20:25:11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013.09.23 20:25:11 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013.09.23 20:25:11 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013.09.23 20:25:11 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013.09.23 20:25:11 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013.09.23 20:25:10 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013.09.23 20:25:10 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013.09.23 20:25:09 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013.09.23 20:25:09 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013.09.23 20:25:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013.09.23 20:25:09 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013.09.23 20:25:09 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.09.23 20:25:09 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013.09.23 20:25:09 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013.09.23 20:25:09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013.09.23 20:25:09 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013.09.23 20:25:09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013.09.23 20:25:09 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013.09.23 20:25:08 | 002,006,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013.09.23 20:25:08 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013.09.23 20:25:08 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013.09.23 20:25:06 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013.09.23 20:25:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013.09.23 20:25:06 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013.09.23 20:25:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll
[2013.09.23 20:25:06 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll
[2013.09.23 20:06:49 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013.09.23 20:06:49 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013.09.23 20:06:48 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.10.20 12:24:49 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Admin\Nabídka Start\Programy\Internet Explorer.lnk
[2013.10.19 18:38:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.10.17 16:29:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.10.17 16:29:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.10.16 20:50:34 | 000,000,680 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\PDF Architect.lnk
[2013.10.16 20:43:02 | 000,000,706 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\PDFCreator.lnk
[2013.10.16 17:11:03 | 000,001,841 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\capcerny.gif
[2013.10.15 20:32:55 | 000,001,590 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Stellarium.lnk
[2013.10.14 20:33:17 | 000,117,725 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Untitled 1.jpg
[2013.10.13 21:01:26 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Photoshop CS6.lnk
[2013.10.13 20:58:17 | 000,000,816 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Bridge CS6.lnk
[2013.10.13 20:53:40 | 000,001,000 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Extension Manager CS6.lnk
[2013.10.13 20:53:16 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe ExtendScript Toolkit CS6.lnk
[2013.10.13 20:49:46 | 000,054,376 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2013.10.13 16:19:57 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.13 13:54:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2013.10.13 11:08:20 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\iTunes.lnk
[2013.10.13 11:03:55 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.10.13 11:03:19 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Apple Software Update.lnk
[2013.10.13 10:28:25 | 000,001,808 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Epson Easy Photo Print.lnk
[2013.10.13 10:27:11 | 000,000,306 | ---- | C] () -- C:\WINDOWS\setup.iss
[2013.10.13 10:24:41 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\EPSON Scan.lnk
[2013.10.13 00:22:41 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Adobe Reader XI.lnk
[2013.10.13 00:22:41 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader XI.lnk
[2013.10.12 23:57:49 | 000,891,913 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Wow.gif
[2013.10.12 23:57:49 | 000,175,550 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\You Should Be Writing.gif
[2013.10.12 23:57:48 | 012,727,592 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Universe 5.jpg
[2013.10.12 23:57:47 | 009,841,390 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Universe 4.jpg
[2013.10.12 23:57:47 | 000,756,827 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_mp9owsh3zF1snbbtno1_1280.jpg
[2013.10.12 23:57:47 | 000,363,520 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Universe 1.jpg
[2013.10.12 23:57:47 | 000,240,484 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_mn120tZUP81rxfhjbo4_1280.jpg
[2013.10.12 23:57:47 | 000,209,781 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_mg0hguah4G1rqn9qeo1_1280.jpg
[2013.10.12 23:57:47 | 000,139,666 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_m7f3u9Pp0h1qg0ynoo1_1280.jpg
[2013.10.12 23:57:47 | 000,128,624 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_mlh5muHgFy1qisjo9o1_400.png
[2013.10.12 23:57:47 | 000,111,282 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_mdmzfwozLM1r2v06xo1_1280.jpg
[2013.10.12 23:57:47 | 000,088,632 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_m1mm027BFI1qfjd5ao6_r1_250.jpg
[2013.10.12 23:57:46 | 001,612,537 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Serene_Wallpaper_by_myINQI.jpg
[2013.10.12 23:57:46 | 000,646,290 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_m1h2ekEjlK1qj73e2o1_500.gif
[2013.10.12 23:57:46 | 000,552,652 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Scan of my head.jpg
[2013.10.12 23:57:46 | 000,215,326 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Snow-White-and-the-Huntsman-Sam-Claflin.jpg
[2013.10.12 23:57:46 | 000,177,979 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Suzukiho střečink.png
[2013.10.12 23:57:46 | 000,174,515 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\result card.jpg
[2013.10.12 23:57:46 | 000,138,747 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_lndodnl2FE1qbolbn.jpg
[2013.10.12 23:57:46 | 000,118,118 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\tumblr_lndoah0oAB1qbolbn.jpg
[2013.10.12 23:57:46 | 000,084,350 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Preach it, true, me, love.png
[2013.10.12 23:57:46 | 000,047,001 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Medaile.jpg
[2013.10.12 23:57:46 | 000,021,526 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Na co se hodím - VŠ.png
[2013.10.12 23:57:46 | 000,015,095 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\muj výsledek testu temperamentu 2.png
[2013.10.12 23:57:46 | 000,013,660 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Mars awesome.jpg
[2013.10.12 23:57:46 | 000,003,780 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\muj výsledek testu temperamentu.png
[2013.10.12 23:57:46 | 000,003,072 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\photothumb.db
[2013.10.12 23:57:46 | 000,001,951 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\template.cfg
[2013.10.12 23:57:46 | 000,000,156 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\mouse thing.png
[2013.10.12 23:57:45 | 002,217,959 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\london-map-big.jpg
[2013.10.12 23:57:45 | 000,698,068 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\iphone 5 wall.jpg
[2013.10.12 23:57:45 | 000,582,962 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\London BBC Olympic.jpg
[2013.10.12 23:57:45 | 000,359,338 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Horses in the LOTR.png
[2013.10.12 23:57:45 | 000,312,607 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\books.jpg
[2013.10.12 23:57:45 | 000,201,340 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\FB Meme pictures.png
[2013.10.12 23:57:45 | 000,113,083 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Bestiary_Page_-_Shauna_large.jpg
[2013.10.12 23:57:45 | 000,097,403 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\icz,550x857,iphone5_deflector.u2.jpg
[2013.10.12 23:57:45 | 000,085,940 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Colorscop, truthful.png
[2013.10.12 23:57:45 | 000,063,268 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\icz,550x857,iphone5_deflector.u8.jpg
[2013.10.12 23:57:45 | 000,060,519 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Co mi koupit.png
[2013.10.12 23:57:45 | 000,040,554 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\Kniha ke koupení #1.jpg
[2013.10.12 23:57:45 | 000,007,977 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\london_olympics_2012_logo.png
[2013.10.12 23:57:44 | 001,920,264 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\31829.jpg
[2013.10.12 23:57:44 | 000,985,379 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\argent_family_history.jpg
[2013.10.12 23:57:44 | 000,307,496 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\345009-original1-9bk31.jpg
[2013.10.12 23:57:44 | 000,291,002 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\345011-original1-5pieo.jpg
[2013.10.12 23:57:44 | 000,020,942 | ---- | C] () -- C:\Documents and Settings\Admin\Dokumenty\93t4o0.jpeg
[2013.10.12 22:22:14 | 000,000,719 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\VLC media player.lnk
[2013.10.12 22:21:32 | 002,273,748 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Untitled-3.psd
[2013.10.12 22:21:32 | 000,001,663 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Vegas Pro 9.0.lnk
[2013.10.12 22:21:32 | 000,000,828 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Youtube Downloader HD.lnk
[2013.10.12 22:21:25 | 112,726,937 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Untitled-2.psd
[2013.10.12 22:21:24 | 002,364,679 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Untitled-1.jpg
[2013.10.12 22:21:24 | 002,207,862 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Untitled-1b.jpg
[2013.10.12 22:21:24 | 001,692,608 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\sketch DH.psd
[2013.10.12 22:21:24 | 000,404,406 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\sketxch.psd
[2013.10.12 22:21:24 | 000,240,913 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\stiles shirt concept.psd
[2013.10.12 22:21:23 | 000,000,771 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\PhotoFiltre Studio X.lnk
[2013.10.12 22:21:19 | 000,000,710 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\KMPlayer.lnk
[2013.10.12 22:21:18 | 000,531,573 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\isaac.gif
[2013.10.12 22:21:17 | 009,868,047 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\IMG_5757c.jpg
[2013.10.12 22:21:16 | 003,448,428 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\IMG_5757.jpg
[2013.10.12 22:21:15 | 002,652,630 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\IMG_0784.jpg
[2013.10.12 22:21:15 | 000,708,479 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Ice Wallpaper.jpg
[2013.10.12 22:21:05 | 000,388,590 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\DSC02828.jpg
[2013.10.12 22:21:04 | 000,899,032 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\del2.png
[2013.10.12 22:21:04 | 000,096,731 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\asanyzd.jpg
[2013.10.12 22:21:04 | 000,096,535 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\533892_136050983271777_534307905_n.jpg
[2013.10.12 22:21:04 | 000,000,946 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\3herosoft iPhone to Computer Transfer.lnk
[2013.10.12 22:21:04 | 000,000,854 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Adobe Photoshop CS6.lnk
[2013.10.12 22:16:58 | 000,000,548 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Total Commander.lnk
[2013.10.12 21:29:07 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2013.10.12 21:28:38 | 000,005,396 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2013.10.12 21:28:35 | 000,095,617 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013.10.12 21:28:33 | 000,524,850 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2013.10.12 21:28:32 | 000,058,521 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2013.10.12 21:28:32 | 000,000,900 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2013.10.12 21:28:31 | 000,021,472 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2013.10.12 21:23:44 | 000,001,486 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2013.10.12 21:03:02 | 000,001,707 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Avira Control Center.lnk
[2013.10.12 20:51:08 | 000,005,208 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2013.10.12 20:48:05 | 000,001,519 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AvRack.lnk
[2013.10.12 20:48:04 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2013.10.12 20:48:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.10.12 20:48:02 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.10.12 20:48:01 | 000,141,016 | ---- | C] () -- C:\WINDOWS\System32\alsndmgr.wav
[2013.10.12 20:34:25 | 000,001,393 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.10.12 20:34:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.10.12 20:34:20 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2013.10.12 20:34:20 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2013.10.12 20:34:20 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2013.10.12 20:34:19 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2013.10.12 20:34:05 | 000,001,592 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2013.10.12 20:33:56 | 001,246,067 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2013.10.12 20:33:56 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2013.10.12 20:33:56 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2013.10.12 20:33:56 | 000,171,588 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2013.10.12 20:33:56 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2013.10.12 20:33:56 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2013.10.12 20:33:56 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2013.10.12 20:33:56 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2013.10.12 20:33:56 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2013.10.12 20:33:56 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2013.10.12 20:33:56 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2013.10.12 20:33:56 | 000,007,407 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2013.10.12 20:33:56 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2013.10.12 20:33:55 | 002,033,597 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2013.10.12 20:33:55 | 000,545,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2013.10.12 20:33:16 | 003,608,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.12 20:32:06 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2013.10.12 20:32:04 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2013.10.12 20:14:25 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.10.12 20:07:57 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2013.10.12 20:07:57 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2013.10.12 20:04:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.10.12 19:48:43 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.10.12 19:48:43 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.10.12 19:12:52 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Admin\Nabídka Start\Programy\Outlook Express.lnk
[2013.10.12 19:12:46 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Admin\Nabídka Start\Programy\Vzdálená pomoc.lnk
[2013.10.12 19:12:46 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Admin\Nabídka Start\Programy\Windows Media Player.lnk
[2013.10.12 19:12:33 | 000,013,588 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2013.10.12 19:08:08 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2013.10.12 19:07:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.10.12 19:06:40 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2013.10.12 19:06:26 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2013.10.12 19:06:21 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2013.10.12 19:06:20 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2013.10.12 19:06:18 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2013.10.12 19:06:03 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2013.10.12 19:05:55 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2013.10.12 19:05:52 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2013.10.12 19:05:44 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2013.10.12 19:05:14 | 000,002,504 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.10.12 19:05:14 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013.10.12 19:05:14 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013.10.12 19:05:14 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2013.10.12 19:05:14 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2013.10.12 19:05:05 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2013.10.12 19:05:05 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2013.10.12 19:05:04 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2013.10.12 19:04:04 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Movie Maker.lnk
[2013.10.12 19:03:53 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2013.10.12 19:03:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2013.10.12 19:03:38 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2013.10.12 19:03:32 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2013.10.12 19:02:53 | 000,378,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2013.10.12 19:02:33 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.10.12 19:01:54 | 000,000,615 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows Messenger.lnk
[2013.10.12 19:01:33 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Mýdlové bubliny.bmp
[2013.10.12 19:01:33 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prérijní vítr.bmp
[2013.10.12 19:01:33 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Omítka Santa Fe.bmp
[2013.10.12 19:01:33 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Řeka Sumida.bmp
[2013.10.12 19:01:33 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Zelený kámen.bmp
[2013.10.12 19:01:33 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2013.10.12 19:01:33 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybách.bmp
[2013.10.12 19:01:33 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Zrnko kávy.bmp
[2013.10.12 19:01:33 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Textura peří.bmp
[2013.10.12 19:01:33 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2013.10.12 19:01:33 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Modrá krajka 16.bmp
[2013.10.12 19:01:30 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2013.10.12 19:01:30 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2013.10.12 19:01:29 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2013.10.12 19:01:25 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== ZeroAccess Check ==========

[2013.10.20 11:14:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 14:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2008.04.14 14:00:00 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.10.13 12:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Epson
[2013.10.12 22:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GHISLER
[2013.10.16 20:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PDF Architect
[2013.10.16 20:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\pdfforge
[2013.10.13 12:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PhotoFiltre Studio X
[2013.10.15 20:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Stellarium
[2013.10.13 11:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.10.13 12:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2013.10.13 21:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2013.10.13 10:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.10.12 19:03:28 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.10.12 19:11:38 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.10.12 19:48:43 | 000,000,934 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.10.12 19:48:43 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.10.12 20:14:25 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.10.13 11:03:55 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 14:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 14:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 14:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 14:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3gdr\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 14:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\05c83630e577180a6a642bbb394e7211\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\05c83630e577180a6a642bbb394e7211\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\07c90dcbdedfe16c2b58e68ce910936a\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\07c90dcbdedfe16c2b58e68ce910936a\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\0e27fa7cf449edcd0784d651cb1f5b00\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\0e27fa7cf449edcd0784d651cb1f5b00\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\13950f988785909a8a5806a2f8390fc4\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\13950f988785909a8a5806a2f8390fc4\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\19c45c69df27a0ffb27956cd0f100081\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\19c45c69df27a0ffb27956cd0f100081\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\3ad0d6ab91f979e8dd454e1a150ef2af\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\3ad0d6ab91f979e8dd454e1a150ef2af\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\40346ccf2ba5813db2e03a3c8a0f73c2\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\40346ccf2ba5813db2e03a3c8a0f73c2\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\41b2219405346d6421a1b21083eb6dd7\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\41b2219405346d6421a1b21083eb6dd7\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\462582a2e5cff3bfb24aa9cc2b8760af\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\462582a2e5cff3bfb24aa9cc2b8760af\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\7bdb1fc2c71999833bcae67284ba2362\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7bdb1fc2c71999833bcae67284ba2362\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\7d02ea938f2eb2f9268e588f7e72699b\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7d02ea938f2eb2f9268e588f7e72699b\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\805e34e596e447f1c06e29dafea311a6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\805e34e596e447f1c06e29dafea311a6\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\94cb1155beed812ad7f0048d578b46e3\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\94cb1155beed812ad7f0048d578b46e3\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9a5dba8e123037125f0c78f9ceb7aa55\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9a5dba8e123037125f0c78f9ceb7aa55\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9e63b065ada74f7e371b81cee9619471\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9e63b065ada74f7e371b81cee9619471\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\b3993f5002ca0cf67a514802a528a980\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b3993f5002ca0cf67a514802a528a980\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\b3ba0f7542150a0ff634f02bb11873ed\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b3ba0f7542150a0ff634f02bb11873ed\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c120217a7d1110e0f3ef3c53b5c9ce6d\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c120217a7d1110e0f3ef3c53b5c9ce6d\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c7009c335500dda6e89a802c109fc30b\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c7009c335500dda6e89a802c109fc30b\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c808aa3996032289f4614a62ac1962af\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c808aa3996032289f4614a62ac1962af\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c969b1ed54d60d037fcf363e13ae8f5a\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c969b1ed54d60d037fcf363e13ae8f5a\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\download\*.tmp -> ]
[20 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
[2 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[47 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.10.17 19:40:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2013.10.15 19:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Apple Computer
[2013.10.12 21:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Avira
[2013.10.13 12:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Epson
[2013.10.12 22:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GHISLER
[2013.10.13 12:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2013.10.13 10:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InstallShield
[2013.10.12 20:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2013.10.13 08:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2013.10.17 19:40:23 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2013.10.12 20:08:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2013.10.16 20:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PDF Architect
[2013.10.16 20:43:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\pdfforge
[2013.10.13 12:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PhotoFiltre Studio X
[2013.10.15 20:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Stellarium
[2013.10.13 00:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2013.10.18 19:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\vlc
[2013.10.13 15:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[20 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2013.10.12 20:32:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.10.12 20:32:06 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.10.12 20:32:06 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[20 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.10.20 12:22:01 | 003,608,360 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.10.20 12:35:44 | 000,004,084 | ---- | M] () -- C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
[2013.10.20 11:58:21 | 000,078,694 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.10.20 11:58:21 | 000,068,156 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.10.20 11:58:21 | 000,431,648 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.10.20 11:58:21 | 000,435,260 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.10.20 11:58:21 | 000,985,814 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.10.19 17:48:07 | 000,006,196 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2013.10.18 18:45:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[20 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"EPSON SX230 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE /FU "C:\DOCUME~1\Admin\LOCALS~1\Temp\E_S52.tmp" /EF "HKCU" -- [2011.01.21 09:01:00 | 000,212,480 | ---- | M] (SEIKO EPSON CORPORATION)
"AdobeBridge" =

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< >

< type c:\boot.ini >> test.txt /c >
No captured output from command...

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.20 12:42:21 | 000,000,512 | ---- | M] () MD5=7FB2926D047C4900E5FD74949E74C507 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.10.13 11:31:10 | 004,726,312 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Stažené soubory\youtube_downloader_hd_setup.exe
[2013.10.12 20:12:45 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4LQRK5EV\downloaderror[1].js
[2013.10.13 00:20:30 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4LQRK5EV\downloaderror[2].js
[2013.10.12 20:12:45 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4LQRK5EV\downloader[1].js
[2013.10.13 00:20:30 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4LQRK5EV\downloader[2].js
[2013.10.12 19:38:00 | 000,001,737 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\4TQ7OH6J\ajax-loader-small[1].gif
[2013.10.13 11:38:11 | 000,000,828 | ---- | M] () -- \Documents and Settings\Admin\Plocha\Youtube Downloader HD.lnk
[2013.10.13 11:38:10 | 000,000,840 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Youtube Downloader HD\Youtube Downloader HD.lnk
[2012.03.13 12:18:28 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 10:41:34 | 000,000,860 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 10:41:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 10:42:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 10:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 10:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 10:42:06 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.07.31 23:53:11 | 000,053,304 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.07.17 19:38:05 | 000,233,016 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.07.31 23:53:16 | 001,741,368 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2012.02.22 23:11:56 | 000,078,336 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 23:11:56 | 000,155,136 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 23:11:56 | 000,117,248 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.04.21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2007.10.24 02:52:00 | 000,114,688 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.24 02:52:00 | 000,069,632 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.24 02:52:00 | 000,102,400 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2012.05.04 00:03:14 | 000,370,070 | ---- | M] () -- \Program Files\Youtube Downloader HD\downloader-hd.ico
[2013.10.09 23:59:14 | 006,347,520 | ---- | M] () -- \Program Files\Youtube Downloader HD\YouTubeDownloaderHD.exe
[2013.10.13 11:38:11 | 000,000,061 | ---- | M] () -- \Program Files\Youtube Downloader HD\YoutubeDownloaderHD.url
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[20 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\system32\DirectX\DX84.tmp\dmloader.dll
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2 \WINDOWS\system32\dllcache\*.tmp files -> \WINDOWS\system32\dllcache\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2008.07.29 19:16:38 | 000,966,656 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013.10.20 11:57:59 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.20 11:28:13 | 000,966,656 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.10.20 12:05:06 | 002,338,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
[2013.10.20 12:09:15 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.29 19:16:38 | 000,966,656 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[20 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2 \WINDOWS\system32\dllcache\*.tmp files -> \WINDOWS\system32\dllcache\*.tmp -> ]
[2008.04.14 14:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2013.10.20 09:41:16 | 101,983,560 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㟊Ⱅ啔;
[2013.10.20 09:41:16 | 101,983,560 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㟊Ⱅ啔;
[2013.10.19 16:22:38 | 101,916,422 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꍪ馤啔;
[2013.10.19 16:22:38 | 101,916,422 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꍪ馤啔;
[2013.10.16 16:54:27 | 101,406,750 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\萺⪵啔;
[2013.10.16 16:54:27 | 101,406,750 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\萺⪵啔;
[2013.10.14 15:00:12 | 100,857,291 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ʢ啔;
[2013.10.14 15:00:12 | 100,857,291 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ʢ啔;
[2013.10.12 23:57:46 | 000,000,026 | ---- | C] ()(C:\Documents and Settings\Admin\Dokumenty\Snow-White-and-the-Huntsman-Sam-Claflin.jpg?Zone.Identifier) -- C:\Documents and Settings\Admin\Dokumenty\Snow-White-and-the-Huntsman-Sam-Claflin.jpgZone.Identifier
[2013.10.12 23:57:46 | 000,000,026 | ---- | C] ()(C:\Documents and Settings\Admin\Dokumenty\Serene_Wallpaper_by_myINQI.jpg?Zone.Identifier) -- C:\Documents and Settings\Admin\Dokumenty\Serene_Wallpaper_by_myINQI.jpgZone.Identifier
[2013.10.12 23:57:46 | 000,000,026 | ---- | C] ()(C:\Documents and Settings\Admin\Dokumenty\result card.jpg?Zone.Identifier) -- C:\Documents and Settings\Admin\Dokumenty\result card.jpgZone.Identifier
[2013.10.12 23:57:46 | 000,000,000 | ---- | C] ()(C:\Documents and Settings\Admin\Dokumenty\Thumbs.db?encryptable) -- C:\Documents and Settings\Admin\Dokumenty\Thumbs.dbencryptable
[2013.07.11 21:05:14 | 000,000,000 | ---- | M] ()(C:\Documents and Settings\Admin\Dokumenty\Thumbs.db?encryptable) -- C:\Documents and Settings\Admin\Dokumenty\Thumbs.dbencryptable
[2012.09.09 18:23:50 | 000,000,026 | ---- | M] ()(C:\Documents and Settings\Admin\Dokumenty\result card.jpg?Zone.Identifier) -- C:\Documents and Settings\Admin\Dokumenty\result card.jpgZone.Identifier
[2012.08.04 16:33:04 | 000,000,026 | ---- | M] ()(C:\Documents and Settings\Admin\Dokumenty\Serene_Wallpaper_by_myINQI.jpg?Zone.Identifier) -- C:\Documents and Settings\Admin\Dokumenty\Serene_Wallpaper_by_myINQI.jpgZone.Identifier
[2012.05.25 08:45:06 | 000,000,026 | ---- | M] ()(C:\Documents and Settings\Admin\Dokumenty\Snow-White-and-the-Huntsman-Sam-Claflin.jpg?Zone.Identifier) -- C:\Documents and Settings\Admin\Dokumenty\Snow-White-and-the-Huntsman-Sam-Claflin.jpgZone.Identifier

< End of report >

Re: Please check my log

Posted: 20 Oct 2013 12:57
by Claire*
OTL Extras logfile created on: 20.10.2013 12:37:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,48 Mb Total Physical Memory | 117,14 Mb Available Physical Memory | 13,10% Memory free
2,21 Gb Paging File | 1,32 Gb Available in Paging File | 59,76% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 168,32 Gb Free Space | 72,28% Space Free | Partition Type: NTFS
Drive E: | 150,37 Gb Total Space | 65,74 Gb Free Space | 43,72% Space Free | Partition Type: FAT32

Computer Name: ADMIN-130349736 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe" = C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe:*:Enabled:KMPProcess


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9B486871-27EB-49A5-8832-77176E63333C}" = iTunes
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"EPSON Scanner" = EPSON Scan
"EPSON SX230 Series" = EPSON SX230 Series Printer Uninstall
"EPSON SX230 Series Bog" = Základní uživatelská příručka EPSON SX230 Series
"EPSON SX230 Series Useg" = Uživatelská příručka EPSON SX230 Series
"ie8" = Windows Internet Explorer 8
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 24.0 (x86 cs)" = Mozilla Firefox 24.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PROR" = Microsoft Office Professional 2007
"Stellarium_is1" = Stellarium 0.12.4
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.1.0
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.9.8

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.10.2013 14:38:28 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iesetup.exe, verze 8.0.6001.18702, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 16.10.2013 12:36:51 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 16.10.2013 12:36:52 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 16.10.2013 13:58:28 | Computer Name = ADMIN-130349736 | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.4518.1014, P3
ntdll.dll, P4 5.1.2600.5512, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 16.10.2013 14:40:14 | Computer Name = ADMIN-130349736 | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.4518.1014, P3
ntdll.dll, P4 5.1.2600.5512, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 17.10.2013 14:24:35 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.10.2013 14:24:36 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.10.2013 6:39:39 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.10.2013 14:05:16 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 19.10.2013 14:05:17 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace IEXPLORE.EXE, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 15.10.2013 9:41:26 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 9:41:29 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 9:41:33 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 9:41:37 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 9:41:40 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 9:41:44 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 9:41:47 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 12:54:07 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 12:54:07 | Computer Name = ADMIN-130349736 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk1\D má chybný blok.

Error - 15.10.2013 12:54:36 | Computer Name = ADMIN-130349736 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby wuauserv
s argumenty za účelem spuštění serveru: {E60687F7-01A1-40AA-86AC-DB1CBF673334}


< End of report >

Re: Please check my log

Posted: 20 Oct 2013 18:05
by Márty84
Turn off your antivirus so that it does not interfere with the program!
Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
gupdate
PanService
AdobeFlashPlayerUpdateSvc
gupdatem
SwitchBoard

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
O4 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004..\Run: [AdobeBridge] File not found
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[3 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\05c83630e577180a6a642bbb394e7211\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\05c83630e577180a6a642bbb394e7211\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\07c90dcbdedfe16c2b58e68ce910936a\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\07c90dcbdedfe16c2b58e68ce910936a\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\0e27fa7cf449edcd0784d651cb1f5b00\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\0e27fa7cf449edcd0784d651cb1f5b00\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\136cdc2b1904bf86b2e87d2caaedfef9\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\13950f988785909a8a5806a2f8390fc4\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\13950f988785909a8a5806a2f8390fc4\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\19c45c69df27a0ffb27956cd0f100081\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\19c45c69df27a0ffb27956cd0f100081\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\19e1b9dbe5fb829f9906789674a9b995\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\3a31a9b2bab7c501cc7eeb38d1120e70\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\3ad0d6ab91f979e8dd454e1a150ef2af\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\3ad0d6ab91f979e8dd454e1a150ef2af\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\40346ccf2ba5813db2e03a3c8a0f73c2\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\40346ccf2ba5813db2e03a3c8a0f73c2\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\41b2219405346d6421a1b21083eb6dd7\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\41b2219405346d6421a1b21083eb6dd7\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\462582a2e5cff3bfb24aa9cc2b8760af\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\462582a2e5cff3bfb24aa9cc2b8760af\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\5db7a877065f22a46eceb72c7cc0c26a\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\7bdb1fc2c71999833bcae67284ba2362\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7bdb1fc2c71999833bcae67284ba2362\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\7d02ea938f2eb2f9268e588f7e72699b\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\7d02ea938f2eb2f9268e588f7e72699b\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\805e34e596e447f1c06e29dafea311a6\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\805e34e596e447f1c06e29dafea311a6\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\8d98e4fcc1fda6508056ced9f2044d1c\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\94cb1155beed812ad7f0048d578b46e3\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\94cb1155beed812ad7f0048d578b46e3\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9a5dba8e123037125f0c78f9ceb7aa55\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9a5dba8e123037125f0c78f9ceb7aa55\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\9e63b065ada74f7e371b81cee9619471\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\9e63b065ada74f7e371b81cee9619471\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\b3993f5002ca0cf67a514802a528a980\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b3993f5002ca0cf67a514802a528a980\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\b3ba0f7542150a0ff634f02bb11873ed\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\b3ba0f7542150a0ff634f02bb11873ed\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c120217a7d1110e0f3ef3c53b5c9ce6d\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c120217a7d1110e0f3ef3c53b5c9ce6d\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c7009c335500dda6e89a802c109fc30b\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c7009c335500dda6e89a802c109fc30b\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c808aa3996032289f4614a62ac1962af\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c808aa3996032289f4614a62ac1962af\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\c969b1ed54d60d037fcf363e13ae8f5a\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\c969b1ed54d60d037fcf363e13ae8f5a\download\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d1268211fc08fcf69eb9a014e0e501ad\download\*.tmp -> ]
[20 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
[2 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[47 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"SunJavaUpdateSched"=-
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"=-

Click "Opravit" (Fix) and let the program work. When asked to restart, agree.
After the restart a new log will appear; post it here.

Re: Please check my log

Posted: 20 Oct 2013 19:08
by Claire*
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 192772085 bytes
->Temporary Internet Files folder emptied: 115395719 bytes
->FireFox cache emptied: 431397206 bytes
->Google Chrome cache emptied: 6442031 bytes
->Flash cache emptied: 6559 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 701448 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2351732 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 65248669 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 117967124 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 889,00 mb


[EMPTYFLASH]

User: Admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Error: No service named PanService was found to stop!
Service\Driver key PanService not found.
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP11B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP202.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP255.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP256.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP283.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP287.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP33D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP35C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP36D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP413.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP450.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D0.tmp\PresentationFramework.Aero.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP527.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP61C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6FF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7DD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP801.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP84D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP855.tmp folder deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\9e63b065ada74f7e371b81cee9619471\download\BITE2.tmp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\system folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\sysbckup folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\inf\ks.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\inf\kscaptur.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\inf\ksfilter.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\inf folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\help folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\drivers folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\directx folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\amstream.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\bda.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\bdaplgin.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\BdaSup.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ccdecode.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ccdecode.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3d8.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3d8thk.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3d8thk.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3d9.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dim.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dim.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dim700.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dpmesh.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dpmesh.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dramp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dramp.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3drm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3drm.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dxof.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\d3dxof.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ddraw.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ddrawex.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\devenum.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\diactfrm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\diactfrm.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\diactfrm.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoy.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoybrz.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoychs.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoycht.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoycze.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoydut.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyfrn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyger.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyitn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyjpn.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoykor.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoypol.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyrus.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyspa.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dijoyswe.hlp deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dimap.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dimap.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dimaps.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dinput.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dinput.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dinput.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dinput8.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dinput8.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmband.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmcompos.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmime.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmloader.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmscript.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmstyle.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmsynth.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmusic.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dmusic.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dplay.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dplaysvr.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dplayx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpmodemx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpnaddr.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpnet.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpnhpast.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpnhupnp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpnlobby.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpnsvr.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpvacm.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpvoice.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpvoice.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpvsetup.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpvvox.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dpwsockx.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dsdmo.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dsdmoprp.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dsound.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dsound.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dsound.vxd deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dsound3d.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dswave.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dx7vb.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dx8vb.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dx9bda.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dx9bdaxp.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dx9w2k.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxapi.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxapi.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxbda.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiabrz.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiachs.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiacht.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiacze.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiadut.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiafrn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiag.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiag.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiager.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiagn.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiaitn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiajpn.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiakor.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiapol.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiarus.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiaspa.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdiaswe.chm deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdllreg.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxdllreg.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxnetsrv.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxnetsrv.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxnt.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxntunp.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxver.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxxp.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\dxxp.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\encapi.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\gcdef.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\gcdef.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ipsink.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\joy.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\joy.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ks.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ks.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\kscaptur.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ksfilter.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ksolay.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ksproxy.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ksreg.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\kstvtune.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ksuser.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\kswdmcap.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ksxbar.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\l3codecx.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mciqtz32.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mpe.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mpe.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\Mpeg2Data.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mpg2splt.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\msdmo.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\msdv.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\MSDvbNP.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mskssrv.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mspclock.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mspqm.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mstee.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\MSVidCtl.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\mswebdvd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\msyuv.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\nabtsfec.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\nabtsfec.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ndisip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\ndisip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\pid.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\pid.xpg deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\psisdecd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\psisrndr.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\qasf.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\qcap.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\qdv.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\qdvd.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\qedit.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\qedwipes.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\quartz.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\quartz.w2k deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\slip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\slip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\stream.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\streamip.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\streamip.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\swenum.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\vbisurf.ax deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\wstcodec.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\wstcodec.sys deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp\wstdecod.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX84.tmp folder deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.

OTL by OldTimer - Version 3.2.69.0 log created on 10202013_200336

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Please check my log

Posted: 21 Oct 2013 01:47
by Márty84
Now it would be time for ComboFix :)

Re: Please check my log

Posted: 22 Oct 2013 17:11
by Claire*
I'll try to work up the courage for it :D

Re: Please check my log

Posted: 22 Oct 2013 19:41
by Márty84
You don't need to be so afraid of it :)

Re: Please check my log

Posted: 23 Oct 2013 16:19
by Claire*
So after starting the PC, a "Server Busy" ("Server je zaneprázdněn") dialog has started appearing, and it's quite annoying. What causes it?

Re: Please check my log

Posted: 23 Oct 2013 19:33
by Márty84
I don't know. I would need the log from CF :arcisit:

Re: Please check my log

Posted: 02 Nov 2013 13:54
by Claire*
So here it is :wink:
ComboFix 13-11-01.03 - Admin 02.11.2013 13:44:38.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.894.571 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Dokumenty\Sta×enÚ soubory\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\regopt.log
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-02 do 2013-11-02 )))))))))))))))))))))))))))))))
.
.
2013-10-20 18:03 . 2013-10-20 18:03 -------- d-----w- C:\_OTL
2013-10-20 09:20 . 2013-10-20 09:24 -------- d-----w- C:\28be117aadd7149fc4
2013-10-19 16:38 . 2013-10-20 10:42 512 ----a-w- C:\PhysicalMBR.bin
2013-10-14 17:50 . 2013-10-14 18:01 -------- d-----w- C:\AdwCleaner
2013-10-13 10:39 . 2013-10-13 10:39 -------- d-----w- C:\rsit
2013-10-13 10:13 . 2013-10-13 10:13 -------- d-----r- C:\MSOCache
2013-10-12 20:16 . 2013-10-12 20:17 -------- d-----w- C:\totalcmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 18:25 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2008-04-14 12:00 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-08-29 07:01 . 2008-04-14 12:00 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2008-04-14 12:00 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2008-04-14 12:00 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2008-04-14 12:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2008-04-14 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-17 347192]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
"ApnTBMon"="c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-12 1673680]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe /h [2011-11-27 1703936]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\PANDORA.TV\\PanService\\KMPProcess.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [12.10.2013 20:01 37352]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.5.2009 16:07 759048]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12.10.2013 20:02 84024]
R2 APNMCP;Ask Update Service;c:\program files\AskPartnerNetwork\Toolbar\apnmcp.exe [12.10.2013 3:09 166352]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\KMPService.exe [27.10.2013 20:06 1922600]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [8.4.2013 17:44 1320496]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [8.4.2013 17:43 799280]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt --> c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [14.10.2013 14:15 40776]
S4 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [12.10.2013 20:01 815160]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12 18:49]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/?clid=1
FF - ExtSQL: 2013-10-12 04:10; toolbar_ATU4-V7@apn.ask.com; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\toolbar_ATU4-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-10-13 10:45; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-10-20 11:39; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-02 13:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(504)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(560)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Celkový čas: 2013-11-02 13:50:47
ComboFix-quarantined-files.txt 2013-11-02 12:50
.
Před spuštěním: Volných bajtů: 178 594 967 552
Po spuštění: Volných bajtů: 178 691 698 688
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - A36EB086BD2321508DC29620C00D7027
413FC2A0C716421B3158746D63736515

Re: Please check my log

Posted: 02 Nov 2013 14:08
by Márty84
:!: Move ComboFix to the desktop. It must be there!

:arrow: Open Notepad and copy this script into it

Code:

KillAll::

File::
c:\windows\Tasks\Adobe Flash Player Updater.job

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ApnTBMon"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\PANDORA.TV\\PanService\\KMPProcess.exe"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Firefox::
FF - ExtSQL: 2013-10-12 04:10; toolbar_ATU4-V7@apn.ask.com; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\toolbar_ATU4-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-10-13 10:45; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

Driver::
APNMCP
PanService

Reboot::

In the top left, click File.
Click Save As...
Type the name shown in red, CFScript, correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Drag this newly created text document onto the ComboFix icon and drop it.
ComboFix should start and carry out the commands.
When it finishes (the PC may restart), a new log should appear; copy it here for me again.

:!: If Windows does not boot after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows boots but errors are reported when launching various programs, just restart the PC and it will be fine

Re: Please check my log

Posted: 02 Nov 2013 15:39
by Claire*
ComboFix 13-11-01.03 - Admin 02.11.2013 15:26:45.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.894.246 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Admin\Plocha\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-02 do 2013-11-02 )))))))))))))))))))))))))))))))
.
.
2013-10-20 18:03 . 2013-10-20 18:03 -------- d-----w- C:\_OTL
2013-10-20 09:20 . 2013-10-20 09:24 -------- d-----w- C:\28be117aadd7149fc4
2013-10-19 16:38 . 2013-10-20 10:42 512 ----a-w- C:\PhysicalMBR.bin
2013-10-14 17:50 . 2013-10-14 18:01 -------- d-----w- C:\AdwCleaner
2013-10-13 10:39 . 2013-10-13 10:39 -------- d-----w- C:\rsit
2013-10-13 10:13 . 2013-10-13 10:13 -------- d-----r- C:\MSOCache
2013-10-12 20:16 . 2013-10-12 20:17 -------- d-----w- C:\totalcmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 18:25 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2008-04-14 12:00 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-08-29 07:01 . 2008-04-14 12:00 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2008-04-14 12:00 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2008-04-14 12:00 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2008-04-14 12:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2008-04-14 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-17 347192]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe /h [2011-11-27 1703936]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [12.10.2013 20:01 37352]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.5.2009 16:07 759048]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12.10.2013 20:02 84024]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [8.4.2013 17:44 1320496]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [8.4.2013 17:43 799280]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt --> c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [14.10.2013 14:15 40776]
S4 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [12.10.2013 20:01 815160]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/?clid=1
FF - ExtSQL: 2013-10-12 04:10; toolbar_ATU4-V7@apn.ask.com; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\toolbar_ATU4-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-10-13 10:45; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-10-20 11:39; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-02 15:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(504)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(560)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(836)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Translate Client\translateclient.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2013-11-02 15:39:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-02 14:39
ComboFix2.txt 2013-11-02 14:22
ComboFix3.txt 2013-11-02 12:50
.
Před spuštěním: Volných bajtů: 178 630 270 976
Po spuštění: Volných bajtů: 178 621 009 920
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - BD0CBC2280BB0FA0F68E08DD85623C08
413FC2A0C716421B3158746D63736515

Re: Please check my log

Posted: 02 Nov 2013 15:44
by Márty84
Once more, this time with this script; I forgot something :oops: :boxed:

KillAll::

Firefox::
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\
FF - ExtSQL: 2013-10-12 04:10; toolbar_ATU4-V7@apn.ask.com; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\toolbar_ATU4-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-10-13 10:45; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

Reboot::

Re: Please check my log

Posted: 02 Nov 2013 16:06
by Claire*
:D okay
ComboFix 13-11-01.03 - Admin 02.11.2013 15:54:21.4.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.894.456 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Admin\Plocha\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-02 do 2013-11-02 )))))))))))))))))))))))))))))))
.
.
2013-10-20 18:03 . 2013-10-20 18:03 -------- d-----w- C:\_OTL
2013-10-20 09:20 . 2013-10-20 09:24 -------- d-----w- C:\28be117aadd7149fc4
2013-10-19 16:38 . 2013-10-20 10:42 512 ----a-w- C:\PhysicalMBR.bin
2013-10-14 17:50 . 2013-10-14 18:01 -------- d-----w- C:\AdwCleaner
2013-10-13 10:39 . 2013-10-13 10:39 -------- d-----w- C:\rsit
2013-10-13 10:13 . 2013-10-13 10:13 -------- d-----r- C:\MSOCache
2013-10-12 20:16 . 2013-10-12 20:17 -------- d-----w- C:\totalcmd
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 18:25 . 2008-04-14 12:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25 . 2008-04-14 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25 . 2008-04-14 12:00 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2008-04-14 12:00 385024 ------w- c:\windows\system32\html.iec
2013-08-29 07:01 . 2008-04-14 12:00 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56 . 2008-04-14 12:00 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55 . 2008-04-14 12:00 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55 . 2008-04-14 12:00 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55 . 2008-04-14 12:00 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30 . 2008-04-14 12:00 1289216 ----a-w- c:\windows\system32\ole32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-07-17 347192]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 77824]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Translate Client.lnk - c:\program files\Translate Client\translateclient.exe /h [2011-11-27 1703936]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [12.10.2013 20:01 37352]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.5.2009 16:07 759048]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12.10.2013 20:02 84024]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [8.4.2013 17:44 1320496]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [8.4.2013 17:43 799280]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt --> c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [14.10.2013 14:15 40776]
S4 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [12.10.2013 20:01 815160]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/?clid=1
FF - ExtSQL: 2013-10-12 04:10; toolbar_ATU4-V7@apn.ask.com; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\toolbar_ATU4-V7@apn.ask.com.xpi
FF - ExtSQL: 2013-10-13 10:45; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\ahs68hmw.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-10-20 11:39; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-02 16:03
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(508)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'lsass.exe'(564)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
- - - - - - - > 'explorer.exe'(660)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Translate Client\translateclient.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2013-11-02 16:06:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-02 15:06
ComboFix2.txt 2013-11-02 14:39
ComboFix3.txt 2013-11-02 14:22
ComboFix4.txt 2013-11-02 12:50
.
Před spuštěním: Volných bajtů: 178 608 177 152
Po spuštění: Volných bajtů: 178 599 653 376
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - A87FA68A372587616747EFC5D7B9B79D
413FC2A0C716421B3158746D63736515

Re: Please check my log

Posted: 02 Nov 2013 16:46
by Claire*
I have one more question. One of my speakers stopped working from one day to the next. It shows an exclamation mark in Device Manager, but the update doesn't work. When I plug in headphones, both work. :?: