
Please check

Posted: 22 Oct 2012 21:39
by liška
Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2012-10-22 22:32:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 58 GB (77%) free of 76 GB
Total RAM: 1407 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:33:36, on 22.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\ATK0100\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\Seznam.cz\bin\postak.exe
C:\Windows\ATK0100\ATKOSD.exe
C:\Windows\System32\slui.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASC.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\uzivatel\Downloads\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControl] C:\Windows\ATK0100\HControl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files\Seznam.cz\bin\postak.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe

--
End of file - 6589 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2337766050-449555699-2274689675-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2337766050-449555699-2274689675-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-31 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2012-10-04 262080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-31 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\bin\core.4.dll [2012-01-10 1151520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2012-10-04 262080]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files\Seznam.cz\toolbar\toolbar.dll [2011-05-25 188960]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\Windows\ATK0100\HControl.exe [2008-08-21 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-21 786521]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 116648]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-05-28 288128]
"cz.seznam.software.autoupdate"=C:\Users\uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"Seznam Postak"=C:\Program Files\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
C:\Windows\system32\Ati2mdxx.exe [2008-08-21 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Windows\sm56hlpr.exe [2005-05-26 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\Windows\system32\Ati2evxx.dll [2008-08-21 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-22 22:32:48 ----D---- C:\Program Files\trend micro
2012-10-22 22:32:45 ----D---- C:\rsit
2012-10-09 09:55:26 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-10-09 09:55:25 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-10-09 09:55:18 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-10-09 09:55:16 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-10-09 09:55:14 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-10-09 09:55:12 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-10-09 09:54:44 ----A---- C:\Windows\avastSS.scr
2012-10-09 09:54:43 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2012-10-22 22:33:04 ----D---- C:\Windows\Prefetch
2012-10-22 22:32:56 ----D---- C:\Windows\Temp
2012-10-22 22:32:48 ----RD---- C:\Program Files
2012-10-20 20:30:37 ----SHD---- C:\System Volume Information
2012-10-20 14:13:38 ----D---- C:\Windows\system32\config
2012-10-16 11:26:03 ----D---- C:\Users\uzivatel\AppData\Roaming\Seznam.cz
2012-10-16 11:24:45 ----D---- C:\Windows\System32
2012-10-16 11:24:45 ----D---- C:\Windows\inf
2012-10-16 11:24:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-16 07:38:43 ----D---- C:\Program Files\McAfee
2012-10-14 15:06:55 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2012-10-09 18:12:31 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-10-09 09:55:26 ----D---- C:\Windows\system32\drivers
2012-10-09 09:55:12 ----D---- C:\Windows\system32\Tasks
2012-10-09 09:55:09 ----SHD---- C:\Windows\Installer
2012-10-09 09:54:44 ----D---- C:\Windows
2012-10-09 09:54:23 ----D---- C:\ProgramData\AVAST Software
2012-10-09 09:54:23 ----D---- C:\Program Files\AVAST Software
2012-10-09 08:33:18 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 risdptsk;risdptsk; C:\Windows\system32\DRIVERS\risdptsk.sys [2005-07-14 27904]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 58680]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\Windows\ATK0100\ASNDIS5.SYS [2008-08-21 16269]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 ati2mtag;ati2mtag; C:\Windows\system32\DRIVERS\ati2mtag.sys [2008-08-21 2304000]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2008-08-21 5632]
R3 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2005-07-12 51328]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-14 43008]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2005-05-26 839724]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-21 193088]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 [2012-05-30 29336]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 23424]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102912]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 101120]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-03-26 32768]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\Windows\system32\Ati2evxx.exe [2008-08-21 483328]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2012-10-10 95232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-09 1343400]

-----------------EOF-----------------

Re: Please check

Posted: 23 Oct 2012 09:50
by Márty84
Hello :)

The log is being worked on; it will take a while.

Re: Please check

Posted: 23 Oct 2012 10:03
by Márty84
Uninstall Advanced SystemCare and, if present, everything from IObit. It can do more harm than good.

If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
Download OTM http://oldtimer.geekstogo.com/OTM.exe and save it, preferably to the desktop.
Right-click it and then left-click Run as administrator.
Copy this script into the left window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
AdobeARMservice
AdvancedSystemCareService5
McAfee SiteAdvisor Service
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2337766050-449555699-2274689675-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2337766050-449555699-2274689675-1000UA.job
C:\Program Files\IObit

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"Advanced SystemCare 5"=-
"cz.seznam.software.autoupdate"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post here the log that pops up, or it will be located at C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (instead of the x's there will be digits representing the date and time of the run).

Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Please check

Posted: 23 Oct 2012 18:19
by liška
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: uzivatel
->Temp folder emptied: 2217681 bytes
->Temporary Internet Files folder emptied: 1528798 bytes
->Java cache emptied: 1713 bytes
->Flash cache emptied: 3642 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6266 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 17880009 bytes
RecycleBin emptied: 171124310 bytes

Total Files Cleaned = 184,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Error: No service named AdvancedSystemCareService5 was found to stop!
Service\Driver key AdvancedSystemCareService5 not found.
Service McAfee SiteAdvisor Service stopped successfully!
Service McAfee SiteAdvisor Service deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2337766050-449555699-2274689675-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2337766050-449555699-2274689675-1000UA.job moved successfully.
C:\Program Files\IObit\Advanced SystemCare 5\Update folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 5\SecurityHole_Backup folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 5\LatestNews folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 5\BootTimeLog folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 5\ASCServiceLog folder moved successfully.
C:\Program Files\IObit\Advanced SystemCare 5 folder moved successfully.
C:\Program Files\IObit folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 5 not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 10232012_182510

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Please check

Posted: 23 Oct 2012 18:20
by liška
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.10.23.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
uzivatel :: UZIVATEL-NTB [administrátor]

23.10.2012 18:40:08
mbam-log-2012-10-23 (18-40-08).txt

Typ: Úplná kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 239140
Uplynulý čas: 34 minut, 30 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Please check

Posted: 23 Oct 2012 20:10
by Márty84
Uninstall MBAM so that it does not get in the way needlessly.

OTM did what it was supposed to; the rest of the log looks OK.

So is there any problem with the PC? Or can we clean up?

Re: Please check

Posted: 24 Oct 2012 07:35
by liška
I asked because I cannot set a picture as the desktop background; when I try to set it, a black screen appears after a moment, so I wanted to know whether I might have a virus on my notebook. On another forum they refer this problem to this site. That is why I am asking.

Re: Please check

Posted: 24 Oct 2012 09:46
by Márty84
Is it impossible to set any picture? Or only some?

Let's take a deeper look.

If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator.
Check the items (tick the checkboxes) All users, "LOP" malware check and "Purity" malware check.
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Scan.
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both here (if they are long, split them across several posts).

Re: Please check

Posted: 25 Oct 2012 11:19
by liška
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\uzivatel\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,37 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 57,40% Memory free
2,75 Gb Paging File | 1,80 Gb Available in Paging File | 65,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 57,15 Gb Free Space | 76,78% Space Free | Partition Type: NTFS

Computer Name: UZIVATEL-NTB | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.10.25 11:25:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Downloads\OTL.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 23:29:24 | 000,325,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
PRC - [2010.11.20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008.08.21 18:31:54 | 002,379,776 | ---- | M] () -- C:\Windows\ATK0100\ATKOSD.exe
PRC - [2008.08.21 18:31:54 | 000,110,592 | ---- | M] () -- C:\Windows\ATK0100\HControl.exe


========== Modules (No Company Name) ==========

MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012.01.10 16:16:10 | 000,491,040 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\postak.exe
MOD - [2012.01.10 14:51:40 | 000,822,816 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\email.4.dll
MOD - [2012.01.10 14:51:14 | 001,151,520 | ---- | M] () -- C:\Program Files\Seznam.cz\bin\core.4.dll
MOD - [2008.08.21 18:31:54 | 002,379,776 | ---- | M] () -- C:\Windows\ATK0100\ATKOSD.exe
MOD - [2008.08.21 18:31:54 | 000,163,840 | ---- | M] () -- C:\Windows\ATK0100\ASUSNet.dll
MOD - [2008.08.21 18:31:54 | 000,110,592 | ---- | M] () -- C:\Windows\ATK0100\HControl.exe
MOD - [2008.08.21 18:31:54 | 000,057,344 | ---- | M] () -- C:\Windows\ATK0100\CMSSC.dll
MOD - [2007.03.02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll


========== Services (SafeList) ==========

SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.09 16:36:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.05.30 00:22:22 | 000,029,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 -- (AIDA64Driver)
DRV - [2012.03.26 23:45:14 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009.12.15 14:05:42 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.12.15 14:05:42 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009.12.15 14:05:42 | 000,023,424 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewdcsc.sys -- (Huawei)
DRV - [2009.07.14 00:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.07.14 00:02:46 | 001,096,704 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.08.21 18:31:54 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Windows\ATK0100\ASNDIS5.sys -- (ASNDIS5)
DRV - [2008.08.21 18:31:54 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.08.21 18:10:35 | 002,304,000 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.07.14 12:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005.07.12 19:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005.05.26 17:19:18 | 000,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2012.10.16 07:38:54 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012.10.23 18:25:39 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Ukazatel S-Rank) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\core.4.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControl] C:\Windows\ATK0100\HControl.exe ()
O4 - HKCU..\Run: [Seznam Postak] C:\Program Files\Seznam.cz\bin\postak.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E0E0919-FE9D-4805-886C-38A88327BBF8}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\Windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8f412869-ee10-11e1-8ca1-001bfc5822ed}\Shell - "" = AutoRun
O33 - MountPoints2\{8f412869-ee10-11e1-8ca1-001bfc5822ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bc63eb80-edbc-11e1-8d61-001bfc5822ed}\Shell - "" = AutoRun
O33 - MountPoints2\{bc63eb80-edbc-11e1-8d61-001bfc5822ed}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2012.10.23 18:39:01 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\Malwarebytes
[2012.10.23 18:38:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.23 18:38:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.23 18:25:10 | 000,000,000 | ---D | C] -- C:\_OTM
[2012.10.22 22:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.10.22 22:32:45 | 000,000,000 | ---D | C] -- C:\rsit
[2012.10.09 09:55:26 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.10.09 09:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.10.09 09:55:25 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.10.09 09:55:18 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012.10.09 09:55:16 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.10.09 09:55:14 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.10.09 09:55:12 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.10.09 09:54:44 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.09 09:54:43 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

========== Files - Modified Within 30 Days ==========

[2012.10.25 11:37:46 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.10.25 11:29:54 | 000,020,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.25 11:29:54 | 000,020,640 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.23 18:32:45 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.10.23 18:32:45 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.23 18:32:45 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.10.23 18:32:45 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.23 18:27:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.23 18:27:28 | 1106,722,816 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.23 18:25:39 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.10.11 04:45:23 | 000,002,460 | ---- | M] () -- C:\Users\uzivatel\Desktop\Google Chrome.lnk
[2012.10.09 18:12:31 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.09 18:12:31 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.10.09 09:55:26 | 000,002,075 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.10.09 09:55:12 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

========== Files Created - No Company Name ==========

[2012.10.25 11:37:46 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.10.09 09:55:26 | 000,002,075 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.07.09 18:45:57 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\ATKACPI.sys
[2012.07.09 18:21:52 | 003,107,788 | ---- | C] () -- C:\Windows\System32\ativvaxx.dat
[2012.07.09 18:21:52 | 003,107,788 | ---- | C] () -- C:\Windows\System32\ativva5x.dat
[2012.07.09 18:21:52 | 000,972,072 | ---- | C] () -- C:\Windows\System32\ativva6x.dat
[2012.07.09 18:21:51 | 000,149,278 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.11.21 03:16:19 | 000,631,292 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2010.11.21 03:16:19 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2010.11.21 03:16:19 | 000,121,914 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2010.11.21 03:16:19 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.01.04 10:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.07.12 11:03:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ashampoo
[2012.07.23 11:52:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\IObit
[2012.10.16 11:26:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz
[2012.08.24 11:27:22 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Telefónica Móviles

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,013,784 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\System32\cryptsvc.dll
[2012.04.24 06:36:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=06E771AA596B8761107AB57E99F128D7 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17827_none_77ff39f3f916c65f\cryptsvc.dll
[2012.04.24 06:28:22 | 000,142,336 | ---- | M] (Microsoft Corporation) MD5=21993009E0CCB9B4FA195F14D3408626 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21979_none_7854c7b7125b248c\cryptsvc.dll
[2010.11.20 23:29:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: IASTORV.SYS >
[2012.08.25 07:39:18 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2012.08.25 07:39:18 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2012.08.25 07:39:18 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2012.08.25 07:39:18 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 23:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 03:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011.11.17 07:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2011.11.17 07:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

< MD5 for: NDIS.SYS >
[2010.11.20 23:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 23:29:12 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 23:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

< MD5 for: NVRAID.SYS >
[2010.11.20 23:29:03 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 23:29:03 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2012.08.25 07:39:18 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2012.08.25 07:39:18 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2012.08.25 07:39:18 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2012.08.25 07:39:18 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2012.08.25 07:39:18 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2012.08.25 07:39:18 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2012.08.25 07:39:18 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2012.08.25 07:39:18 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 23:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 23:29:06 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 23:29:06 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.07.12 11:35:39 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Adobe
[2012.07.12 11:03:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ashampoo
[2012.07.09 17:51:51 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ATI
[2012.08.05 08:42:46 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\dvdcss
[2012.07.09 15:46:07 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Identities
[2012.07.23 11:52:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\IObit
[2012.07.09 16:28:27 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Macromedia
[2012.10.23 18:39:01 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Malwarebytes
[2010.11.21 03:24:44 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Media Center Programs
[2012.10.14 15:06:55 | 000,000,000 | --SD | M] -- C:\Users\uzivatel\AppData\Roaming\Microsoft
[2012.10.16 11:26:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz
[2012.08.24 11:27:22 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Telefónica Móviles
[2012.10.23 18:22:24 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\vlc
[2012.07.09 17:57:53 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.07.09 18:27:35 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{0AD37499-3D5D-12F0-EBEA-46EE9AD02DBF}\ARPPRODUCTICON.exe
[2012.07.09 18:28:01 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{174D7CC5-1117-29D3-8422-2E54ADF7DB5D}\ARPPRODUCTICON.exe
[2012.07.09 18:28:52 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{23894154-0961-CD0A-BAC0-67E6E96165C3}\ARPPRODUCTICON.exe
[2012.07.09 18:28:39 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{24DFAAD6-E1ED-F588-2AD5-2EA4FE9113AE}\ARPPRODUCTICON.exe
[2012.07.09 18:28:34 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{26886987-D038-7438-8DF2-ED3B1888E052}\ARPPRODUCTICON.exe
[2012.07.09 18:27:42 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{2C6D0ACD-DD2B-BFE5-A005-53AFD4AA3175}\ARPPRODUCTICON.exe
[2012.07.09 18:27:51 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{2D50DC1F-FCEC-D970-1DFB-E73CF2404451}\ARPPRODUCTICON.exe
[2012.07.09 18:28:50 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{306682DE-BB8E-CD56-9F6B-DE209469418A}\ARPPRODUCTICON.exe
[2012.07.09 18:28:48 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{310477AD-884B-736D-B2C8-7BE9433B243D}\ARPPRODUCTICON.exe
[2012.07.09 18:28:26 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{31814F2E-FA58-AFE8-DC97-3BD97F7191C2}\ARPPRODUCTICON.exe
[2012.07.09 18:28:24 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{354F7470-D8E3-95D0-3488-B9E32D5E9636}\ARPPRODUCTICON.exe
[2012.07.09 18:27:53 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{380FAC97-C47F-C5A9-2A51-DFF8DE144B37}\ARPPRODUCTICON.exe
[2012.07.09 18:28:43 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{407A5080-4B1C-A43D-9EED-A3B5EDBCF593}\ARPPRODUCTICON.exe
[2012.07.09 18:28:09 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{46FE06BF-2A08-9D00-ABFD-7F967817E275}\ARPPRODUCTICON.exe
[2012.07.09 18:26:51 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{4B50D80D-A482-DECD-B584-EB054EBA878A}\ARPPRODUCTICON.exe
[2012.07.09 18:27:59 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{5ABA84ED-D61B-257F-809F-A8C883865854}\ARPPRODUCTICON.exe
[2012.07.09 18:27:44 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{5B464CAC-76BD-BDBB-8066-318D05D171DF}\ARPPRODUCTICON.exe
[2012.07.09 18:28:03 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{5C7332EA-BFB9-24A0-BDD9-254F4B113E41}\ARPPRODUCTICON.exe
[2012.07.09 18:28:13 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{66B5F542-952C-F50D-BFF3-BCA582B65860}\ARPPRODUCTICON.exe
[2012.07.09 18:28:35 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{67213BA8-70C6-458D-9B64-4B93FB35E84B}\ARPPRODUCTICON.exe
[2012.07.09 18:28:42 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{6AA66ACB-E93C-C7CD-F303-D473AEC8A43E}\ARPPRODUCTICON.exe
[2012.07.09 18:27:55 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{6D5DC54D-B06E-32A8-A5D9-4978D7A75FA1}\ARPPRODUCTICON.exe
[2012.07.09 18:28:29 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{782BC438-2C73-77F4-F5B6-7ADC87F611BB}\ARPPRODUCTICON.exe
[2012.07.09 18:28:40 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{7BBA76B4-CC34-0AAB-6D48-BE0181E20832}\ARPPRODUCTICON.exe
[2012.07.09 18:28:06 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{7F311276-1CD6-1661-8BAE-DD9016FE9B8D}\ARPPRODUCTICON.exe
[2012.07.09 18:27:39 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{84C89CF4-F64E-6820-375C-24963DDF99C9}\ARPPRODUCTICON.exe
[2012.07.09 18:28:37 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{8C0D145D-EB41-E1DB-6250-0146B02CBA3A}\ARPPRODUCTICON.exe
[2012.07.09 18:28:32 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{8F5D6849-1A7E-B0B2-F1DE-C0FF21F9E78C}\ARPPRODUCTICON.exe
[2012.07.09 18:28:05 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{944DA8EF-FD4E-1FD9-D88A-B22D78913BE6}\ARPPRODUCTICON.exe
[2012.07.09 18:27:47 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{97F5E039-D2F5-18C0-F0C9-6981F73514CC}\ARPPRODUCTICON.exe
[2012.07.09 18:28:28 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{A35D49A6-F3CF-87AA-6FF1-777D8A06BAB1}\ARPPRODUCTICON.exe
[2012.07.09 18:28:18 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{B2CEACB9-7690-30B5-D80A-B138DB4F0E37}\ARPPRODUCTICON.exe
[2012.07.09 18:28:46 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{D26970AA-C66F-142F-7C66-A73FC3546F57}\ARPPRODUCTICON.exe
[2012.07.09 18:28:11 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{D88DB576-0989-879A-38B1-7ED6224B2F52}\ARPPRODUCTICON.exe
[2012.07.09 18:28:23 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{D8B87EBC-12C2-D4FC-F085-A062D4906216}\ARPPRODUCTICON.exe
[2012.07.09 18:28:30 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E2A05D36-56EF-84FC-E7D7-090D6E5F09BC}\ARPPRODUCTICON.exe
[2012.07.09 18:27:57 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E4DA4D2C-F57F-782E-752E-9286E5713297}\ARPPRODUCTICON.exe
[2012.07.09 18:28:44 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E4E118EF-5286-915B-7DBD-D931AB9AF200}\ARPPRODUCTICON.exe
[2012.07.09 18:28:53 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{E5B85BE7-55B5-0A14-7634-FEF92BCB87FB}\ARPPRODUCTICON.exe
[2012.07.09 18:28:16 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{F384BD83-C317-94DA-A4AB-3E75E43F4F8C}\ARPPRODUCTICON.exe
[2012.07.09 18:28:49 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{F622BE4A-363F-F2B6-1F98-54E5E99B1750}\ARPPRODUCTICON.exe
[2012.07.09 18:28:21 | 000,010,134 | R--- | M] () -- C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{F6D39840-BB27-A191-BDF2-1841CA805D24}\ARPPRODUCTICON.exe
[2012.09.13 15:24:48 | 001,009,288 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe
[2012.09.13 16:00:12 | 002,515,080 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz\sznsetup.exe
[2012.07.10 11:16:16 | 000,660,480 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
[2012.05.04 10:41:02 | 002,330,136 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz\install\sznsetup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.10.25 11:29:54 | 000,020,640 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.25 11:29:54 | 000,020,640 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.23 18:32:45 | 000,121,914 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.10.23 18:32:45 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.10.23 18:32:45 | 000,631,292 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.10.23 18:32:45 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.10.23 18:32:45 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 23:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Seznam Postak" = "C:\Program Files\Seznam.cz\bin\postak.exe" -s -- [2012.01.10 16:16:10 | 000,491,040 | ---- | M] ()

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.10.25 11:37:46 | 000,000,512 | ---- | M] () MD5=3E49747892FF0A2D7308805B652DDBF4 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.07.09 16:30:15 | 000,792,704 | ---- | M] () -- \Users\uzivatel\Downloads\amddriverdownloader (1).exe
[2012.07.09 16:31:28 | 000,792,704 | ---- | M] () -- \Users\uzivatel\Downloads\amddriverdownloader (2).exe
[2012.07.09 16:29:48 | 000,792,704 | ---- | M] () -- \Users\uzivatel\Downloads\amddriverdownloader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.11.21 03:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 03:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 03:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 03:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.03.29 03:57:56 | 000,420,464 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.dll
[2012.07.24 21:21:01 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\System.Runtime.Serialization.ni.dll
[2012.03.29 04:38:06 | 000,068,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\de\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,064,144 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\en-us\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,068,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\es\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,068,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\fr\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,064,144 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\it\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,076,432 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\ja\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,068,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\ko\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,084,624 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\ru\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,060,048 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\zh-Hans\System.Runtime.Serialization.debug.resources.dll
[2012.03.29 04:38:06 | 000,060,048 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.1.10329.0\zh-Hant\System.Runtime.Serialization.debug.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.11.21 03:15:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2012.07.09 16:27:37 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ff4e90c5842525f7a7456639de090d8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.07.09 17:06:00 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
[2012.07.09 18:17:03 | 000,310,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\d0ff3383438d688a0118d0fa19ed1dc4\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2012.07.09 18:16:56 | 002,625,024 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
[2012.07.09 17:12:59 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.07.09 17:10:20 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.07.09 17:12:59 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2012.07.09 17:10:19 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2010.11.21 03:15:49 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2005.05.26 17:19:18 | 000,839,724 | ---- | M] () -- \Windows\System32\drivers\smserial.sys
[2010.11.21 03:15:53 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2005.05.26 17:19:18 | 000,839,724 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smserial.inf_x86_neutral_86ed60d24eeb8740\smserial.hda
[2005.07.08 17:09:50 | 000,064,460 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smserial.inf_x86_neutral_86ed60d24eeb8740\smserial.inf
[2012.07.09 16:10:45 | 000,122,040 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smserial.inf_x86_neutral_86ed60d24eeb8740\smserial.PNF
[2005.05.26 17:14:46 | 000,924,876 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smserial.inf_x86_neutral_86ed60d24eeb8740\smserial.sys
[2009.07.14 04:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 04:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2010.11.21 03:16:08 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2010.11.20 23:24:56 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2010.11.21 03:15:32 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.20 23:24:56 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2009.07.14 03:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2010.11.20 23:24:56 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.21 03:15:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2009.07.14 00:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2010.11.21 03:15:47 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 03:15:49 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.21 03:15:56 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 03:15:53 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 01:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.14 00:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2010.11.20 23:29:48 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll

< *w7lxe* /s >

< >

< End of report >

Re: please check

Posted: 25 Oct 2012 11:21
by liška
OTL Extras logfile created on: 25.10.2012 11:34:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\uzivatel\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,37 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 57,40% Memory free
2,75 Gb Paging File | 1,80 Gb Available in Paging File | 65,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,43 Gb Total Space | 57,15 Gb Free Space | 76,78% Space Free | Partition Type: NTFS

Computer Name: UZIVATEL-NTB | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D2E964C6-1CE2-4CF2-9CEE-EE3DD69C0721}" = protocol=17 | dir=in | app=c:\users\uzivatel\downloads\cnet2_atinb6203_zip.exe |
"{F0457CA0-0726-4638-9E18-AF5D4EB3BBA0}" = protocol=6 | dir=in | app=c:\users\uzivatel\downloads\cnet2_atinb6203_zip.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003C932A-0064-B581-3935-284D2CE76A89}" = Catalyst Control Center Core Implementation
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{0AD37499-3D5D-12F0-EBEA-46EE9AD02DBF}" = Catalyst Control Center Localization German
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{174D7CC5-1117-29D3-8422-2E54ADF7DB5D}" = Catalyst Control Center Localization Norwegian
"{1E0E1039-E45D-7EA2-E377-E00C2857E0C2}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21A1D4A5-3D9B-9434-4F97-40367BDF4E47}" = Catalyst Control Center Graphics Full New
"{23894154-0961-CD0A-BAC0-67E6E96165C3}" = CCC Help Chinese Standard
"{24DFAAD6-E1ED-F588-2AD5-2EA4FE9113AE}" = CCC Help Korean
"{26886987-D038-7438-8DF2-ED3B1888E052}" = CCC Help Hungarian
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2C6D0ACD-DD2B-BFE5-A005-53AFD4AA3175}" = Catalyst Control Center Localization Spanish
"{2D50DC1F-FCEC-D970-1DFB-E73CF2404451}" = Catalyst Control Center Localization Hungarian
"{306682DE-BB8E-CD56-9F6B-DE209469418A}" = CCC Help Turkish
"{310477AD-884B-736D-B2C8-7BE9433B243D}" = CCC Help Swedish
"{31814F2E-FA58-AFE8-DC97-3BD97F7191C2}" = CCC Help Greek
"{354F7470-D8E3-95D0-3488-B9E32D5E9636}" = CCC Help German
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{380FAC97-C47F-C5A9-2A51-DFF8DE144B37}" = Catalyst Control Center Localization Italian
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{407A5080-4B1C-A43D-9EED-A3B5EDBCF593}" = CCC Help Polish
"{46FE06BF-2A08-9D00-ABFD-7F967817E275}" = Catalyst Control Center Localization Swedish
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B50D80D-A482-DECD-B584-EB054EBA878A}" = ccc-core-preinstall
"{4B8ACECB-D518-99AA-B1F3-E79F905A83EE}" = Catalyst Control Center Localization Czech
"{5ABA84ED-D61B-257F-809F-A8C883865854}" = Catalyst Control Center Localization Dutch
"{5B464CAC-76BD-BDBB-8066-318D05D171DF}" = Catalyst Control Center Localization Finnish
"{5C7332EA-BFB9-24A0-BDD9-254F4B113E41}" = Catalyst Control Center Localization Polish
"{6426C1E8-ADD6-F91F-C152-2ABB7AB25F9F}" = Catalyst Control Center Graphics Full Existing
"{66B5F542-952C-F50D-BFF3-BCA582B65860}" = Catalyst Control Center Localization Turkish
"{67213BA8-70C6-458D-9B64-4B93FB35E84B}" = CCC Help Italian
"{6AA66ACB-E93C-C7CD-F303-D473AEC8A43E}" = CCC Help Norwegian
"{6D5DC54D-B06E-32A8-A5D9-4978D7A75FA1}" = Catalyst Control Center Localization Japanese
"{6DC712D0-A8AE-70EE-215D-ECE5DB29782C}" = Skins
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{782BC438-2C73-77F4-F5B6-7ADC87F611BB}" = CCC Help Spanish
"{791A19F4-E4E5-F4B0-7687-F5D1C4FF799A}" = Catalyst Control Center Graphics Light
"{7BBA76B4-CC34-0AAB-6D48-BE0181E20832}" = CCC Help Dutch
"{7F311276-1CD6-1661-8BAE-DD9016FE9B8D}" = Catalyst Control Center Localization Russian
"{84C89CF4-F64E-6820-375C-24963DDF99C9}" = Catalyst Control Center Localization Greek
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0D145D-EB41-E1DB-6250-0146B02CBA3A}" = CCC Help Japanese
"{8F5D6849-1A7E-B0B2-F1DE-C0FF21F9E78C}" = CCC Help French
"{944DA8EF-FD4E-1FD9-D88A-B22D78913BE6}" = Catalyst Control Center Localization Portuguese
"{97F5E039-D2F5-18C0-F0C9-6981F73514CC}" = Catalyst Control Center Localization French
"{9E684286-287F-AE06-6909-31A0944A9B4F}" = Catalyst Control Center Localization Danish
"{A0CE9CC5-B17D-3FD5-20B9-A2509B475A20}" = ccc-utility
"{A35D49A6-F3CF-87AA-6FF1-777D8A06BAB1}" = CCC Help English
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B2CEACB9-7690-30B5-D80A-B138DB4F0E37}" = Catalyst Control Center Localization Chinese Traditional
"{D26970AA-C66F-142F-7C66-A73FC3546F57}" = CCC Help Russian
"{D88DB576-0989-879A-38B1-7ED6224B2F52}" = Catalyst Control Center Localization Thai
"{D8B87EBC-12C2-D4FC-F085-A062D4906216}" = CCC Help Danish
"{E2A05D36-56EF-84FC-E7D7-090D6E5F09BC}" = CCC Help Finnish
"{E4DA4D2C-F57F-782E-752E-9286E5713297}" = Catalyst Control Center Localization Korean
"{E4E118EF-5286-915B-7DBD-D931AB9AF200}" = CCC Help Portuguese
"{E5B85BE7-55B5-0A14-7634-FEF92BCB87FB}" = CCC Help Chinese Traditional
"{F384BD83-C317-94DA-A4AB-3E75E43F4F8C}" = Catalyst Control Center Localization Chinese Standard
"{F622BE4A-363F-F2B6-1F98-54E5E99B1750}" = CCC Help Thai
"{F6D39840-BB27-A191-BDF2-1841CA805D24}" = CCC Help Czech
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.50
"All ATI Software" = Softarová utilita ATI - Odinstalovat
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"ATI Display Driver" = ATI Display Driver
"avast" = avast! Free Antivirus
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
"CrystalDiskInfo_is1" = CrystalDiskInfo 4.1.3
"HControl" = ATK0100 ACPI UTILITY
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"O2CZ" = O2
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"szn-software-postak" = Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.10.2012 13:52:52 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 16.10.2012 15:03:04 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.10.2012 1:15:25 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 17.10.2012 2:01:07 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 18.10.2012 1:58:45 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 18.10.2012 10:10:38 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 19.10.2012 7:14:30 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 22.10.2012 13:44:18 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 23.10.2012 12:29:11 | Computer Name = uzivatel-NTB | Source = WinMgmt | ID = 10
Description =

Error - 23.10.2012 13:29:36 | Computer Name = uzivatel-NTB | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="*",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

[ System Events ]
Error - 22.10.2012 22:54:46 | Computer Name = uzivatel-NTB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.

Error - 23.10.2012 1:22:12 | Computer Name = uzivatel-NTB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Wlansvc bylo dosaženo časového
limitu (30000 ms).

Error - 23.10.2012 12:25:11 | Computer Name = uzivatel-NTB | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 23.10.2012 12:27:19 | Computer Name = uzivatel-NTB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.

Error - 23.10.2012 21:36:25 | Computer Name = uzivatel-NTB | Source = DCOM | ID = 10010
Description =

Error - 23.10.2012 21:36:50 | Computer Name = uzivatel-NTB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.

Error - 24.10.2012 1:51:55 | Computer Name = uzivatel-NTB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Wlansvc bylo dosaženo časového
limitu (30000 ms).

Error - 24.10.2012 21:42:06 | Computer Name = uzivatel-NTB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).

Error - 24.10.2012 21:42:15 | Computer Name = uzivatel-NTB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.

Error - 25.10.2012 1:30:01 | Computer Name = uzivatel-NTB | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Kontrola šifrovaného svazku: Informace o svazku E: nelze přečíst.


< End of report >

Re: please check

Posted: 25 Oct 2012 15:30
by Márty84
Márty84 wrote: :???: Is it impossible to set any picture at all? Or only some of them?



:!: If Avast complains that it wants to open this in the sandbox, do not allow it! Choose the option Open normally
:arrow: Run OTL again as administrator
Paste the following text into the bottom window (including the colon before the word commands)

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
[2012.07.23 11:52:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\IObit
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
Click Opravit (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.




:!: If Avast complains that it wants to open this in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop, right-click it and then left-click Run as administrator.
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Zprava (Report) and a log will appear. Paste it here for me.

Re: please check

Posted: 25 Oct 2012 19:03
by liška
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: uzivatel
->Temp folder emptied: 2977859 bytes
->Temporary Internet Files folder emptied: 53387 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll not found.
C:\Users\uzivatel\AppData\Roaming\IObit\Advanced SystemCare V5\Toolbox folder moved successfully.
C:\Users\uzivatel\AppData\Roaming\IObit\Advanced SystemCare V5\Log folder moved successfully.
C:\Users\uzivatel\AppData\Roaming\IObit\Advanced SystemCare V5\Boottime folder moved successfully.
C:\Users\uzivatel\AppData\Roaming\IObit\Advanced SystemCare V5\Backup folder moved successfully.
C:\Users\uzivatel\AppData\Roaming\IObit\Advanced SystemCare V5 folder moved successfully.
C:\Users\uzivatel\AppData\Roaming\IObit folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7C7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB36C.tmp folder deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 10252012_195825

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: please check

Posted: 25 Oct 2012 19:10
by liška
RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Operační systém: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : uzivatel [Práva správce]
Mód : Kontrola -- Datum : 10/25/2012 20:09:06

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST980811AS ATA Device +++++
--- User ---
[MBR] 3e49747892ff0a2d7308805b652ddbf4
[BSP] 31e50f1ff8f60d2e670ec6253b407e36 : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Ricoh SD/MMC Disk Device +++++
--- User ---
[MBR] NOT VALID
Error reading LL1 MBR!
Error reading LL2 MBR!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

Re: please check

Posted: 26 Oct 2012 08:31
by Márty84
:???: :???: :???: Will I ever get an answer to my question about those pictures? :(



:arrow: Run RogueKiller again as administrator.
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Host Fix) and Zprava (Report).
Another log will appear. Paste that one here for me too.

Re: please check

Posted: 26 Oct 2012 17:50
by liška
As for the pictures: when I set any picture, it disappears a short while after being set and a black screen remains. So no picture can be set.