VIRY.CZ

Dobrý den,
hlásím se do klubu lidí, kterým nejde spustit centrum zabezpečení ve win7...

Prosím tímto o pomoc a děkuji předem.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Helča & Honza at 2013-03-13 21:29:59
WIN_7 Service Pack 1
System drive C: has 55 GB (55%) free of 100 GB
Total RAM: 2670 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:28, on 13.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\OLYMPUS\ib\olycamdetect.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files\Clarus\Samsung Drive Manager\SZDrvMon.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\Helča & Honza\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Helča & Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: InternetPanelBHO - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetSoftware\IEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Samsung Drive Manager] C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2031247276-2872380062-851812115-1000\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - Global Startup: Samsung Drive Manager Real-Time.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Samsung Drive Manager Service (SZDrvSvc) - Clarus, Inc. - C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 9780 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Helča & Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zhrs6mc7.default

"fe_9.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-20 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-24 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-13 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]
Internet Panel - C:\Program Files\NetSoftware\IEHelper.dll [2012-04-05 495888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-24 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-13 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-09 143640]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-09 176920]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-09 178456]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-06-09 10082920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2011-01-26 264792]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-03-14 1081424]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2012-12-04 189952]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-05-20 296056]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2011-11-29 96128]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-02-01 1083264]
"Samsung Drive Manager"=C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe [2012-08-17 5796440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Samsung Drive Manager Real-Time.lnk - C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-25 288768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-13 21:29:59 ----D---- C:\rsit
2013-03-13 21:29:59 ----D---- C:\Program Files\trend micro
2013-03-12 17:32:49 ----N---- C:\Windows\KMSEmulator.exe
2013-03-10 09:03:46 ----D---- C:\Program Files\Garmin
2013-03-08 17:00:35 ----D---- C:\Program Files\Mozilla Firefox
2013-02-24 10:51:45 ----A---- C:\Windows\system32\javaws.exe
2013-02-24 10:51:35 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-02-24 10:51:35 ----A---- C:\Windows\system32\javaw.exe
2013-02-24 10:51:35 ----A---- C:\Windows\system32\java.exe
2013-02-24 10:51:21 ----D---- C:\Program Files\Java
2013-02-24 09:33:19 ----D---- C:\Program Files\Mozilla Thunderbird
2013-02-21 22:34:02 ----D---- C:\Users\Helča & Honza\AppData\Roaming\XBMC
2013-02-21 22:33:44 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-02-21 22:33:44 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-02-21 22:32:10 ----D---- C:\Program Files\XBMC
2013-02-16 08:14:29 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-16 08:14:28 ----A---- C:\Windows\system32\vbscript.dll
2013-02-16 08:14:28 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-16 08:14:27 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-16 08:14:27 ----A---- C:\Windows\system32\ieui.dll
2013-02-16 08:14:26 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-16 08:14:25 ----A---- C:\Windows\system32\wininet.dll
2013-02-16 08:14:24 ----A---- C:\Windows\system32\jscript.dll
2013-02-16 08:14:23 ----A---- C:\Windows\system32\url.dll
2013-02-16 08:14:23 ----A---- C:\Windows\system32\jscript9.dll
2013-02-16 08:14:22 ----A---- C:\Windows\system32\iertutil.dll
2013-02-16 08:14:20 ----A---- C:\Windows\system32\urlmon.dll
2013-02-16 08:14:18 ----A---- C:\Windows\system32\mshtml.dll
2013-02-16 08:14:15 ----A---- C:\Windows\system32\ieframe.dll

======List of files/folders modified in the last 1 month======

2013-03-13 21:30:12 ----D---- C:\Windows\Temp
2013-03-13 21:29:59 ----RD---- C:\Program Files
2013-03-13 21:16:06 ----D---- C:\ProgramData\NetSoftware
2013-03-13 18:44:29 ----A---- C:\Windows\system32\log.txt
2013-03-13 18:44:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-13 18:42:51 ----D---- C:\Program Files\NetSoftware
2013-03-13 18:42:37 ----D---- C:\Windows
2013-03-13 18:41:40 ----D---- C:\Windows\system32\config
2013-03-13 18:27:59 ----D---- C:\Windows\System32
2013-03-13 16:52:59 ----SHD---- C:\System Volume Information
2013-03-12 17:37:32 ----D---- C:\Windows\system32\Tasks
2013-03-11 16:41:34 ----D---- C:\Windows\Prefetch
2013-03-10 09:04:50 ----SHD---- C:\Windows\Installer
2013-03-10 09:03:47 ----D---- C:\Windows\inf
2013-03-10 08:48:17 ----D---- C:\Users\Helča & Honza\AppData\Roaming\GeoGet
2013-03-10 08:46:32 ----D---- C:\Users\Helča & Honza\AppData\Roaming\vlc
2013-03-09 06:23:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-03 14:38:16 ----D---- C:\Windows\system
2013-03-03 14:34:24 ----D---- C:\Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite
2013-02-24 10:51:24 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-02-24 10:51:24 ----A---- C:\Windows\system32\deployJava1.dll
2013-02-24 05:35:08 ----D---- C:\Windows\system32\catroot2
2013-02-21 22:33:18 ----D---- C:\Windows\Logs
2013-02-17 13:27:13 ----D---- C:\Windows\Microsoft.NET
2013-02-17 13:27:12 ----RSD---- C:\Windows\assembly
2013-02-16 14:12:49 ----D---- C:\Users\Helča & Honza\AppData\Roaming\dvdcss
2013-02-16 08:43:00 ----D---- C:\Windows\winsxs
2013-02-16 08:41:13 ----D---- C:\Windows\system32\migration
2013-02-16 08:41:13 ----D---- C:\Windows\system32\drivers
2013-02-16 08:41:11 ----D---- C:\Program Files\Internet Explorer
2013-02-16 08:17:58 ----D---- C:\Windows\debug
2013-02-16 08:17:52 ----A---- C:\Windows\system32\MRT.exe
2013-02-16 08:17:30 ----D---- C:\ProgramData\Microsoft Help
2013-02-16 08:14:46 ----D---- C:\Windows\system32\catroot
2013-02-16 08:10:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-14 19:50:15 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 353304]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-03-13 473656]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-13 242240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-03-17 2158592]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-03-25 10542080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-06-14 3520168]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 269824]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2011-04-19 68208]
R3 mdf16;mdf16; \??\C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys [2012-06-21 18864]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mvd23;mvd23; \??\C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys [2012-06-21 89008]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a8a0yv5d;a8a0yv5d; C:\Windows\system32\drivers\a8a0yv5d.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 46680]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 SZDrvSvc;Samsung Drive Manager Service; C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2012-08-17 19456]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-13 136176]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-13 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-26 194032]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim

Priste to dejte do jednoho prispevku. Kdyz si hned odpovite, zapadnete a trva dele, nez vas nekdo objevi

Pokud je problem jeste aktualni a chcete log zkontrolovat, budete muset odinstalovat cracknute office a pak dat novy log z RSIT.

jí si říkal, že jste na mě zapoměli

, že jso office craclé jsem nevěděl, počítač jsem koupil na aukru a už byly nainstalované...
jsou pryč...

LOG:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Helča & Honza at 2013-03-16 18:01:37
WIN_7 Service Pack 1
System drive C: has 58 GB (58%) free of 100 GB
Total RAM: 2670 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:02:02, on 16.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\OLYMPUS\ib\olycamdetect.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe
C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Clarus\Samsung Drive Manager\SZDrvMon.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
E:\RSIT.exe
C:\Program Files\trend micro\Helča & Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: InternetPanelBHO - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetSoftware\IEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Olympus ib] "C:\Program Files\Olympus\ib\olycamdetect.exe" /Startup
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [Samsung Drive Manager] C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-2031247276-2872380062-851812115-1000\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User '?')
O4 - Global Startup: Samsung Drive Manager Real-Time.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Samsung Drive Manager Service (SZDrvSvc) - Clarus, Inc. - C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 8556 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Helča & Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zhrs6mc7.default

"fe_9.0@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448]
"Description"=6.0.12.448
"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-20 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-16 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-13 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE7C3CF0-4B15-11D1-ABED-709549C10000}]
Internet Panel - C:\Program Files\NetSoftware\IEHelper.dll [2012-04-05 495888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-16 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-13 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-09 143640]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-09 176920]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-09 178456]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-06-09 10082920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2011-01-26 264792]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-03-14 1081424]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2012-12-04 189952]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2012-05-20 296056]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Olympus ib"=C:\Program Files\Olympus\ib\olycamdetect.exe [2011-11-29 96128]
"MDS_Menu"=C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe [2011-08-30 223104]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-02-01 1083264]
"Samsung Drive Manager"=C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe [2012-08-17 5796440]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Samsung Drive Manager Real-Time.lnk - C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-25 288768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-16 17:52:43 ----A---- C:\Windows\system32\javaws.exe
2013-03-16 17:52:36 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-03-16 17:52:36 ----A---- C:\Windows\system32\javaw.exe
2013-03-16 17:52:36 ----A---- C:\Windows\system32\java.exe
2013-03-16 17:52:27 ----D---- C:\Program Files\Java
2013-03-16 17:42:26 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-16 17:42:25 ----A---- C:\Windows\system32\vbscript.dll
2013-03-16 17:42:25 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-16 17:42:24 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-16 17:42:24 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-16 17:42:24 ----A---- C:\Windows\system32\ieui.dll
2013-03-16 17:42:23 ----A---- C:\Windows\system32\wininet.dll
2013-03-16 17:42:23 ----A---- C:\Windows\system32\jscript.dll
2013-03-16 17:42:22 ----A---- C:\Windows\system32\url.dll
2013-03-16 17:42:22 ----A---- C:\Windows\system32\jscript9.dll
2013-03-16 17:42:21 ----A---- C:\Windows\system32\iertutil.dll
2013-03-16 17:42:20 ----A---- C:\Windows\system32\urlmon.dll
2013-03-16 17:42:18 ----A---- C:\Windows\system32\mshtml.dll
2013-03-16 17:42:17 ----A---- C:\Windows\system32\ieframe.dll
2013-03-16 17:36:33 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-16 17:36:31 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-13 21:29:59 ----D---- C:\rsit
2013-03-13 21:29:59 ----D---- C:\Program Files\trend micro
2013-03-10 09:03:46 ----D---- C:\Program Files\Garmin
2013-03-08 17:00:35 ----D---- C:\Program Files\Mozilla Firefox
2013-02-24 09:33:19 ----D---- C:\Program Files\Mozilla Thunderbird
2013-02-21 22:34:02 ----D---- C:\Users\Helča & Honza\AppData\Roaming\XBMC
2013-02-21 22:33:44 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-02-21 22:33:44 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-02-21 22:32:10 ----D---- C:\Program Files\XBMC

======List of files/folders modified in the last 1 month======

2013-03-16 18:01:47 ----D---- C:\Windows\Temp
2013-03-16 17:59:30 ----D---- C:\Windows\winsxs
2013-03-16 17:59:21 ----SHD---- C:\System Volume Information
2013-03-16 17:57:36 ----D---- C:\Windows\system32\catroot
2013-03-16 17:57:08 ----D---- C:\ProgramData\NetSoftware
2013-03-16 17:56:35 ----A---- C:\Windows\system32\log.txt
2013-03-16 17:55:04 ----D---- C:\Program Files\NetSoftware
2013-03-16 17:54:31 ----D---- C:\Windows\system32\config
2013-03-16 17:54:14 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-16 17:53:28 ----D---- C:\Windows\system32\migration
2013-03-16 17:53:28 ----D---- C:\Windows\System32
2013-03-16 17:53:27 ----D---- C:\Program Files\Internet Explorer
2013-03-16 17:52:51 ----SHD---- C:\Windows\Installer
2013-03-16 17:52:29 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-03-16 17:52:29 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-16 17:52:27 ----RD---- C:\Program Files
2013-03-16 17:44:08 ----D---- C:\Windows\debug
2013-03-16 17:44:03 ----A---- C:\Windows\system32\MRT.exe
2013-03-16 17:42:46 ----D---- C:\Windows\system32\catroot2
2013-03-16 17:38:37 ----D---- C:\Windows\inf
2013-03-16 17:36:39 ----D---- C:\Windows\system32\Tasks
2013-03-16 17:36:33 ----D---- C:\Windows\system32\drivers
2013-03-16 17:36:28 ----D---- C:\Windows
2013-03-16 17:28:51 ----D---- C:\Windows\Microsoft.NET
2013-03-16 17:28:30 ----D---- C:\ProgramData\Microsoft Help
2013-03-16 17:28:29 ----RSD---- C:\Windows\assembly
2013-03-16 17:26:57 ----SD---- C:\ProgramData\Microsoft
2013-03-16 17:26:57 ----D---- C:\Program Files\Common Files\microsoft shared
2013-03-16 17:26:34 ----RSD---- C:\Windows\Fonts
2013-03-16 17:26:01 ----D---- C:\Program Files\MSBuild
2013-03-16 17:25:48 ----D---- C:\Program Files\Common Files
2013-03-16 17:23:54 ----D---- C:\Windows\ShellNew
2013-03-13 21:54:19 ----D---- C:\Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite
2013-03-13 21:54:16 ----D---- C:\Windows\Logs
2013-03-13 21:52:56 ----D---- C:\Program Files\CCleaner
2013-03-13 18:44:06 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-11 16:41:34 ----D---- C:\Windows\Prefetch
2013-03-10 08:48:17 ----D---- C:\Users\Helča & Honza\AppData\Roaming\GeoGet
2013-03-10 08:46:32 ----D---- C:\Users\Helča & Honza\AppData\Roaming\vlc
2013-03-09 06:23:27 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-07 00:32:42 ----A---- C:\Windows\system32\aswBoot.exe
2013-03-03 14:38:16 ----D---- C:\Windows\system

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 353304]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-03-13 473656]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-13 242240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-03-17 2158592]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-03-25 10542080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-06-14 3520168]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 269824]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2011-04-19 68208]
R3 mdf16;mdf16; \??\C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys [2012-06-21 18864]
R3 MEI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mvd23;mvd23; \??\C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys [2012-06-21 89008]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 ajcjxuk6;ajcjxuk6; C:\Windows\system32\drivers\ajcjxuk6.sys []
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 46680]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 SZDrvSvc;Samsung Drive Manager Service; C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe [2012-08-17 19456]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-13 136176]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-13 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-26 194032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

dal jsem to x poprvé to nebylo jako správce...

spouštím kontrolu mbam...

logy jsou stejný:

# AdwCleaner v2.114 - Logfile created 03/16/2013 at 19:39:39
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Helča & Honza - NOVEJNOTAS
# Boot Mode : Normal
# Running from : C:\Users\Helča & Honza\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Helča & Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zhrs6mc7.default\prefs.js

[OK] File is clean.

-\\ Opera v12.14.1738.0

File : C:\Users\Helča & Honza\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1147 octets] - [16/03/2013 19:37:41]
AdwCleaner[R2].txt - [1078 octets] - [16/03/2013 19:39:39]

########## EOF - C:\AdwCleaner[R2].txt - [1138 octets] ##########

OK. Podle vysledku napisu dalsi postup.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.16.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Helča & Honza :: NOVEJNOTAS [administrátor]

Ochrana: Povolena

16.3.2013 19:47:25
MBAM-log-2013-03-16 (21-47-22).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 339552
Uplynulý čas: 1 hodin, 59 minut, 8 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Windows\AutoKMS.exe (Riskware.Keygen) -> Nebyla provedena žádná instrukce.

(konec)

keygen???

nevím že bych někde nějakej potřeboval???

To je ten crack na office. Nalez nechte odstranit. Casto je jeho soucasti i nejaka havet.

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Delete
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

# AdwCleaner v2.114 - Logfile created 03/16/2013 at 22:03:24
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Helča & Honza - NOVEJNOTAS
# Boot Mode : Normal
# Running from : C:\Users\Helča & Honza\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (cs)

File : C:\Users\Helča & Honza\AppData\Roaming\Mozilla\Firefox\Profiles\zhrs6mc7.default\prefs.js

[OK] File is clean.

-\\ Opera v12.14.1738.0

File : C:\Users\Helča & Honza\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1147 octets] - [16/03/2013 19:37:41]
AdwCleaner[R2].txt - [1207 octets] - [16/03/2013 19:39:39]
AdwCleaner[S1].txt - [1144 octets] - [16/03/2013 22:03:24]

########## EOF - C:\AdwCleaner[S1].txt - [1204 octets] ##########

na zbytku se pracuje...

napsalo mi to nějakou hlášku, že nemůže vytvořit něco.bat (myslím, že to chtěl tvořit na ploše) a pak se to kouslo u Scanning HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\SamsungDriveManager... (to je na spodním řádku)

pro dnešek díky, zítra nevím kdy se dostanu k PC...

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Ja mam jeste zitra volno, takze tu budu zrejme nakukovat po cely den

Tak zatim

Dobré ráno.

OTL logfile created on: 17.3.2013 8:04:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Helča & Honza\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,61 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 48,03% Memory free
5,21 Gb Paging File | 3,57 Gb Available in Paging File | 68,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97,56 Gb Total Space | 56,21 Gb Free Space | 57,62% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 159,95 Gb Free Space | 81,89% Space Free | Partition Type: NTFS
Drive E: | 172,79 Gb Total Space | 136,27 Gb Free Space | 78,86% Space Free | Partition Type: NTFS
Drive F: | 677,10 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: NOVEJNOTAS | User Name: Helča & Honza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.17 07:39:09 | 001,598,976 | ---- | M] (Gemius) -- C:\Program Files\NetSoftware\NetSoftware.exe
PRC - [2013.03.16 22:08:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Helča & Honza\Desktop\OTL.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.02.21 15:22:24 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013.02.06 17:27:59 | 000,879,456 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012.08.17 17:55:38 | 005,796,440 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe
PRC - [2012.08.17 17:48:46 | 000,120,832 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Drive Manager\SZDrvMon.exe
PRC - [2012.08.17 17:48:44 | 000,019,456 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe
PRC - [2012.08.17 17:48:16 | 000,135,168 | ---- | M] (Clarus, Inc.) -- C:\Program Files\Clarus\Samsung Drive Manager\ABRTMon.exe
PRC - [2012.05.20 14:13:28 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012.02.13 09:06:52 | 002,602,304 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
PRC - [2012.02.01 08:11:34 | 001,083,264 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.01.04 12:32:36 | 000,718,888 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.01.04 12:32:18 | 000,173,096 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2012.01.04 12:32:06 | 000,148,520 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2011.11.29 11:47:46 | 000,096,128 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\ib\olycamdetect.exe
PRC - [2011.03.14 12:44:38 | 000,414,800 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LMutilps32.exe
PRC - [2011.03.14 12:44:38 | 000,334,416 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LMworker.exe
PRC - [2011.03.14 12:44:36 | 001,081,424 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2011.03.14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\dsiwmis.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.01 06:24:42 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 06:24:40 | 000,326,168 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.26 11:55:38 | 000,264,792 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

========== Modules (No Company Name) ==========

MOD - [2013.03.13 18:44:06 | 014,717,144 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.02.16 08:44:18 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.02.06 17:28:09 | 000,312,832 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2013.02.06 17:28:09 | 000,158,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2013.02.06 17:28:09 | 000,101,888 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2013.02.06 17:28:09 | 000,073,728 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2013.02.06 17:28:09 | 000,067,072 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2013.02.06 17:28:09 | 000,062,976 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2013.02.06 17:28:09 | 000,057,344 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2013.02.06 17:28:09 | 000,038,912 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2013.02.06 17:28:08 | 000,835,584 | ---- | M] () -- C:\Program Files\Opera\gstreamer\gstreamer.dll
MOD - [2013.02.06 17:28:08 | 000,096,256 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2013.02.06 17:28:08 | 000,094,208 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2013.02.06 17:28:08 | 000,093,696 | ---- | M] () -- C:\Program Files\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2013.01.13 20:12:56 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll
MOD - [2013.01.11 18:11:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 18:10:34 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.11 18:10:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.11 18:09:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.11 18:09:51 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.11 18:09:36 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012.02.01 08:12:34 | 000,423,808 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.02.01 08:12:32 | 000,058,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.02.01 08:12:30 | 000,272,768 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.02.01 08:12:30 | 000,095,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll
MOD - [2012.02.01 08:12:14 | 000,384,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtCore.dll
MOD - [2012.02.01 08:12:14 | 000,165,248 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll
MOD - [2012.02.01 08:12:12 | 010,843,520 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.02.01 08:12:12 | 002,557,312 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.02.01 08:12:12 | 000,346,496 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.02.01 08:12:08 | 001,294,208 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.02.01 08:12:08 | 000,196,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.02.01 08:12:06 | 000,919,936 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.02.01 08:12:06 | 000,682,880 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.02.01 08:12:06 | 000,517,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.02.01 08:12:04 | 008,172,928 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.02.01 08:12:04 | 002,252,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.02.01 08:12:02 | 002,288,512 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.02.01 08:12:00 | 000,422,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.02.01 08:11:56 | 000,202,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.02.01 08:11:56 | 000,034,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.02.01 08:11:54 | 000,032,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.02.01 08:11:36 | 000,388,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll
MOD - [2012.02.01 08:11:28 | 000,437,632 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll
MOD - [2012.02.01 08:11:18 | 001,037,696 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll
MOD - [2012.02.01 08:10:52 | 000,758,656 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.01.05 14:19:12 | 000,112,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2011.03.25 10:28:22 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2010.11.13 03:37:03 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 09:43:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll

========== Services (SafeList) ==========

SRV - [2013.03.13 18:44:06 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.08 17:00:57 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.17 17:48:44 | 000,019,456 | ---- | M] (Clarus, Inc.) [Auto | Running] -- C:\Program Files\Clarus\Samsung Drive Manager\SZDrvSvc.exe -- (SZDrvSvc)
SRV - [2012.02.19 19:49:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012.01.04 12:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.14 12:44:36 | 000,352,336 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011.02.01 06:24:42 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.01 06:24:40 | 000,326,168 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - File not found [File_System | On_Demand | Stopped] -- C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ah42musi)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.21 14:57:52 | 000,089,008 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung Drive Manager\mvd23.sys -- (mvd23)
DRV - [2012.06.21 14:57:40 | 000,018,864 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Clarus\Samsung Drive Manager\mdf16.sys -- (mdf16)
DRV - [2012.03.13 16:51:06 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.03.13 16:36:36 | 000,473,656 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2011.04.19 03:51:48 | 000,068,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2011.03.17 10:42:26 | 002,158,592 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011.01.14 04:01:42 | 000,046,680 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AmUStor.sys -- (AmUStor)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.19 09:33:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2010.10.14 18:27:18 | 000,269,824 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2009.08.13 07:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2031247276-2872380062-851812115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-2031247276-2872380062-851812115-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2031247276-2872380062-851812115-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2031247276-2872380062-851812115-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2031247276-2872380062-851812115-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_9.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_9.0 [2012.04.10 18:29:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.20 14:13:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.16 17:36:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.08 17:00:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.02.24 09:33:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\gemgecko@gemius.com: C:\Program Files\NetSoftware\gemgecko_ext\ [2012.11.14 17:24:42 | 000,000,000 | ---D | M]

[2012.02.28 20:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Helča & Honza\AppData\Roaming\Mozilla\Extensions
[2013.03.08 17:00:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.08 17:00:59 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2013.02.27 19:29:55 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.02.27 19:29:55 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.02.27 19:29:55 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.02.27 19:29:55 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.02.27 19:29:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Internet Panel) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetSoftware\IEHelper.dll (Gemius)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files\Olympus\ib\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NetSoftware] C:\Program Files\NetSoftware\Starter.exe (Gemius)
O4 - HKLM..\Run: [Olympus ib] C:\Program Files\Olympus\ib\olycamdetect.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2031247276-2872380062-851812115-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-2031247276-2872380062-851812115-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2031247276-2872380062-851812115-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-2031247276-2872380062-851812115-1000..\Run: [Samsung Drive Manager] C:\Program Files\Clarus\Samsung Drive Manager\Drive Manager.exe (Clarus, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O13 - gopher Prefix: missing
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E2C4121-A2C3-46D9-AD66-DD124ADA620E}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004.11.17 19:01:41 | 000,000,000 | ---D | M] - F:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:40:24 | 000,684,032 | R--- | M] (Electronic Arts Inc.) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004.10.15 05:59:34 | 000,577,536 | R--- | M] (Electronic Arts Inc.) - F:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2004.10.26 01:46:32 | 000,000,105 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0959b34b-585a-11e1-bac4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0959b34b-585a-11e1-bac4-806e6f6e6963}\Shell\AutoRun\command - "" = F:\DistinguishOS.exe
O33 - MountPoints2\{a809f3cc-5809-11e1-8674-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a809f3cc-5809-11e1-8674-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- [2004.10.15 05:59:34 | 000,110,592 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: winmgmt - C:\Windows\System32\wbem\WinMgmt.exe (Microsoft Corporation)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.03.16 22:08:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Helča & Honza\Desktop\OTL.exe
[2013.03.16 19:42:28 | 000,000,000 | ---D | C] -- C:\Users\Helča & Honza\AppData\Roaming\Malwarebytes
[2013.03.16 19:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.03.16 19:42:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.16 19:41:59 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.03.16 19:41:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.03.16 19:41:43 | 000,000,000 | ---D | C] -- C:\Users\Helča & Honza\AppData\Local\Programs
[2013.03.16 19:37:01 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Helča & Honza\Desktop\mbam-setup-1.70.0.1100.exe
[2013.03.16 17:59:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.16 17:52:43 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.16 17:52:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.16 17:52:36 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.16 17:52:36 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.16 17:52:27 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.03.16 17:42:26 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.03.16 17:42:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.03.16 17:42:24 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.03.16 17:42:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.03.16 17:42:24 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.03.16 17:42:22 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.03.16 17:42:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.03.16 17:42:20 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.03.13 21:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.13 21:29:59 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.10 09:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin
[2013.03.08 17:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.03.03 14:50:11 | 000,000,000 | ---D | C] -- C:\Users\Helča & Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Atlantis
[2013.03.03 14:38:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\WING32.DLL
[2013.03.02 10:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.02.24 09:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.02.21 22:34:02 | 000,000,000 | ---D | C] -- C:\Users\Helča & Honza\AppData\Roaming\XBMC
[2013.02.21 22:33:44 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2013.02.21 22:33:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2013.02.21 22:32:47 | 000,000,000 | ---D | C] -- C:\Users\Helča & Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
[2013.02.21 22:32:10 | 000,000,000 | ---D | C] -- C:\Program Files\XBMC

========== Files - Modified Within 30 Days ==========

[2013.03.17 08:07:57 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.17 07:47:00 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 07:47:00 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 07:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.17 07:39:05 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.17 07:39:04 | 000,000,216 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2013.03.17 07:38:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.17 07:38:49 | 2099,662,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.16 22:27:02 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.16 22:08:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Helča & Honza\Desktop\OTL.exe
[2013.03.16 19:42:02 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.03.16 19:37:22 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Helča & Honza\Desktop\mbam-setup-1.70.0.1100.exe
[2013.03.16 19:34:19 | 000,597,667 | ---- | M] () -- C:\Users\Helča & Honza\Desktop\adwcleaner.exe
[2013.03.16 17:52:31 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.03.16 17:52:29 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.03.16 17:52:29 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.03.16 17:52:29 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.03.16 17:52:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.03.16 17:52:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.03.16 17:36:31 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.16 17:33:37 | 000,338,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.03.13 21:52:56 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.13 18:49:44 | 000,002,539 | ---- | M] () -- C:\Users\Helča & Honza\Desktop\Hkey.reg
[2013.03.13 18:44:06 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.13 18:44:06 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.03.07 00:33:24 | 000,164,736 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.03.07 00:33:24 | 000,049,248 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.03.07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013.03.02 10:32:14 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.02.24 09:34:58 | 000,000,286 | ---- | M] () -- C:\Users\Helča & Honza\Desktop\Simt - 1 .appref-ms
[2013.02.16 08:10:48 | 000,666,444 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.02.16 08:10:48 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.16 08:10:48 | 000,140,108 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.02.16 08:10:48 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013.03.16 22:14:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.16 19:42:02 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.03.16 19:34:18 | 000,597,667 | ---- | C] () -- C:\Users\Helča & Honza\Desktop\adwcleaner.exe
[2013.03.16 17:36:33 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.16 17:36:31 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.03.13 18:37:14 | 000,002,539 | ---- | C] () -- C:\Users\Helča & Honza\Desktop\Hkey.reg
[2013.03.02 10:32:14 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.02.24 09:34:58 | 000,000,286 | ---- | C] () -- C:\Users\Helča & Honza\Desktop\Simt - 1 .appref-ms
[2013.02.14 19:50:00 | 095,023,320 | ---- | C] () -- C:\ProgramData\5572387.pad
[2012.03.31 18:24:51 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2012.02.28 20:09:42 | 000,000,135 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.02.19 19:45:52 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.02.19 19:43:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.02.15 20:15:26 | 000,008,192 | R--- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.02.15 17:43:26 | 000,247,560 | R--- | C] () -- C:\Windows\System32\drivers\RTConvEQ.dat
[2012.02.15 17:43:26 | 000,043,514 | R--- | C] () -- C:\Windows\System32\drivers\RtPCEE4.DAT
[2012.02.15 17:43:26 | 000,039,672 | R--- | C] () -- C:\Windows\System32\drivers\RtPCEE3.DAT
[2012.02.15 17:43:26 | 000,001,448 | R--- | C] () -- C:\Windows\System32\drivers\RtHdatEx.dat
[2012.02.15 17:43:26 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX3.dat
[2012.02.15 17:43:26 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX2.dat
[2012.02.15 17:43:26 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2012.02.15 17:43:26 | 000,000,520 | R--- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2012.02.15 17:43:26 | 000,000,176 | R--- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2012.02.15 17:43:26 | 000,000,040 | R--- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2012.02.15 17:40:16 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012.02.15 17:40:16 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2012.02.15 17:40:11 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin
[2012.02.15 17:40:11 | 000,216,876 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin
[2012.02.15 17:40:11 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin
[2012.02.15 17:40:11 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.03.13 21:54:19 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite
[2012.06.25 16:37:58 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Garmin
[2013.03.10 08:48:17 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\GeoGet
[2012.04.10 18:35:50 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Nokia
[2012.04.10 18:35:51 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Nokia Suite
[2012.12.21 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Opera
[2012.04.10 18:34:00 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\PC Suite
[2012.12.12 21:28:46 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Rovio
[2012.02.28 20:14:01 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Thunderbird
[2013.03.03 08:39:34 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\XBMC

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,534 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.02.28 20:09:42 | 000,000,216 | ---- | C] () -- C:\Windows\Tasks\AutoKMS.job
[2012.03.13 16:24:38 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.13 16:24:40 | 000,000,954 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.29 10:07:48 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\3aabb5b41372db579bd4dcfb96cbcf64\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3aabb5b41372db579bd4dcfb96cbcf64\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\59e1fa28495cdd77c27b61432454fc64\*.tmp files -> C:\Windows\SoftwareDistribution\Download\59e1fa28495cdd77c27b61432454fc64\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\baa7a2b2031ecf51847caab66c423bd7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\baa7a2b2031ecf51847caab66c423bd7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bbbea1bb6991920a67a2b51742f369df\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bbbea1bb6991920a67a2b51742f369df\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\c678b9cadd2c6fb1a9ce29ffb593b8c1\*.tmp files -> C:\Windows\SoftwareDistribution\Download\c678b9cadd2c6fb1a9ce29ffb593b8c1\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\cadfd73a978beb54e8ac84ec9a4cf99b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cadfd73a978beb54e8ac84ec9a4cf99b\*.tmp -> ]
[1 C:\Windows\Temp\avast_ash\Mozilla Thunderbird\*.tmp files -> C:\Windows\Temp\avast_ash\Mozilla Thunderbird\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.23 05:28:18 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Adobe
[2012.06.14 20:25:23 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Ahead
[2013.01.01 16:40:17 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\CyberLink
[2013.03.13 21:54:19 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite
[2013.02.16 14:12:49 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\dvdcss
[2012.06.25 16:37:58 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Garmin
[2013.03.10 08:48:17 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\GeoGet
[2012.11.14 17:24:21 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Google
[2012.02.15 06:02:22 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Identities
[2012.02.15 20:15:52 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\InstallShield
[2012.02.15 20:18:28 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Intel Corporation
[2012.02.15 20:38:30 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Macromedia
[2013.03.16 19:42:28 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Malwarebytes
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Media Center Programs
[2012.05.14 16:35:30 | 000,000,000 | --SD | M] -- C:\Users\Helča & Honza\AppData\Roaming\Microsoft
[2012.11.14 09:20:04 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Mozilla
[2012.06.13 20:55:03 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Nero
[2012.04.10 18:35:50 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Nokia
[2012.04.10 18:35:51 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Nokia Suite
[2012.12.21 15:42:27 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Opera
[2012.04.10 18:34:00 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\PC Suite
[2012.05.20 14:13:58 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Real
[2012.05.20 14:14:42 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\RealNetworks
[2012.12.12 21:28:46 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Rovio
[2012.02.28 20:14:01 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\Thunderbird
[2013.03.10 08:46:32 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\vlc
[2012.02.19 18:51:34 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\WinRAR
[2013.03.03 08:39:34 | 000,000,000 | ---D | M] -- C:\Users\Helča & Honza\AppData\Roaming\XBMC

< %APPDATA%\*.exe /s >
[2011.10.28 23:57:13 | 000,164,864 | ---- | M] () -- C:\Users\Helča & Honza\AppData\Roaming\Garmin\Maps\UnLock MapSource.exe
[2013.03.07 18:17:35 | 006,223,161 | ---- | M] ( ) -- C:\Users\Helča & Honza\AppData\Roaming\GeoGet\ggupdate\geogetsetup-2.7.5.707.exe
[2013.03.03 16:53:48 | 000,724,480 | ---- | M] () -- C:\Users\Helča & Honza\AppData\Roaming\GeoGet\script\geojarry\geojarryw.exe
[2013.02.02 18:41:10 | 008,060,690 | ---- | M] () -- C:\Users\Helča & Honza\AppData\Roaming\GeoGet\script\GgStat\GgStat.exe
[2012.12.30 16:15:24 | 034,768,296 | ---- | M] (Rovio) -- C:\Users\Helča & Honza\AppData\Roaming\Rovio\Bad Piggies\updates\Update\BadPiggiesInstaller_1.1.0.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.03.17 07:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.17 07:39:04 | 000,000,216 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2013.03.17 07:39:05 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.17 08:27:03 | 000,000,954 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.17 07:47:00 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.17 07:47:00 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.16 17:36:31 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2013.03.16 17:52:29 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2013.03.16 17:33:37 | 000,338,800 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2013.03.16 17:52:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\java.exe
[2013.03.16 17:52:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaw.exe
[2013.03.16 17:52:29 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\javaws.exe
[2013.03.17 07:41:39 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.03.16 17:44:03 | 069,796,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2013.03.16 17:52:29 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll
[2013.03.16 17:52:31 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge.dll

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2010.02.21 01:22:00 | 000,000,386 | ---- | M] () -- \Users\Helča & Honza\AppData\Roaming\GeoGet\offline\sysimg\WM\Cracker_Barrel_Restaurants.gif

< *keygen* /s >

< *loader* /s >
[2007.06.27 18:03:00 | 000,177,448 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011.09.01 11:13:30 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2011.11.29 11:48:28 | 000,124,200 | ---- | M] () -- \Program Files\OLYMPUS\ib\Koan\pyloader.dll
[2011.11.29 11:48:38 | 000,033,837 | ---- | M] () -- \Program Files\OLYMPUS\ib\subsys\DataCenter\ImageLoader.kc
[2011.11.29 11:48:48 | 000,011,648 | ---- | M] () -- \Program Files\OLYMPUS\ib\subsys\HTMLView\pycom\win32\_win32sysloader.pyd
[2012.12.17 10:18:02 | 000,004,782 | ---- | M] () -- \Program Files\XBMC\addons\webinterface.default\images\ajax-loader.gif
[2012.05.20 14:13:39 | 000,012,512 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.05.20 14:13:39 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.05.20 14:13:39 | 000,012,512 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.05.20 14:13:39 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.03.13 16:43:45 | 000,057,728 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.03.13 16:43:45 | 000,057,728 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.03.13 16:43:45 | 000,057,728 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.03.13 16:43:46 | 000,057,728 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.03.13 16:43:46 | 000,057,728 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.03.13 16:43:46 | 000,061,770 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.03.13 16:43:46 | 000,061,770 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2012.04.26 15:00:02 | 000,009,051 | ---- | M] () -- \Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.04.26 15:00:02 | 000,016,119 | ---- | M] () -- \Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.04.26 15:00:02 | 000,018,434 | ---- | M] () -- \Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.04.26 15:00:02 | 000,009,283 | ---- | M] () -- \Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.04.26 15:00:02 | 000,001,699 | ---- | M] () -- \Users\Helča & Honza\AppData\Roaming\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2011.03.13 10:13:10 | 000,699,192 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderFrontparts_diffuse.dds
[2010.05.05 19:14:32 | 000,699,192 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderFrontparts_normal.dds
[2010.05.05 19:14:30 | 000,699,192 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderFrontparts_specular.dds
[2010.05.05 19:14:32 | 000,087,536 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderGrid_diffuse.dds
[2010.05.05 19:14:32 | 000,043,832 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderGrid_normal.dds
[2010.05.05 19:14:32 | 000,043,832 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderGrid_specular.dds
[2011.03.02 14:41:50 | 000,107,948 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderIdle.wav
[2011.03.02 14:42:28 | 000,079,916 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderStart.wav
[2011.03.02 14:42:46 | 000,026,504 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoaderStop.wav
[2011.03.13 10:40:02 | 002,796,344 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoader_diffuse.dds
[2010.05.05 19:14:32 | 002,796,344 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoader_normal.dds
[2010.05.05 19:14:32 | 002,796,344 | ---- | M] () -- \Users\Helča & Honza\Documents\My Games\FarmingSimulator2011\mods\case_70xt\material\skidSteerLoader_specular.dds
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2012.02.15 18:12:48 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.02.19 20:10:45 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2012.02.19 20:10:45 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2012.02.19 20:10:45 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2012.02.28 20:09:42 | 000,000,135 | ---- | M] () -- \Windows\AutoKMS.ini
[2013.03.16 17:54:40 | 000,000,562 | ---- | M] () -- \Windows\AutoKMS.log
[2012.02.28 20:09:43 | 000,002,456 | ---- | M] () -- \Windows\System32\Tasks\AutoKMS
[2013.03.17 07:39:04 | 000,000,216 | ---- | M] () -- \Windows\Tasks\AutoKMS.job

< *activator* /s >

pokračování 1. logu:

< *serial* /s >
[2013.01.24 20:09:36 | 000,434,264 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.dll
[2013.03.16 17:43:44 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20125.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.02.15 20:52:35 | 000,000,389 | ---- | M] () -- \Users\Helča & Honza\AppData\Local\Opera\Opera\icons\http%3A%2F%2Fwww.serial-online.cz%2Ffavicon.png
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.11 18:12:26 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.01.11 18:10:49 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.15 18:34:02 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\77abf1693d291d374b58ffbbfe36d4dd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.01.15 18:34:37 | 002,647,040 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\910fe53ec2122cf3a2ad11c2b2f5cbfd\System.Runtime.Serialization.ni.dll
[2013.01.15 18:38:31 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\058c3947c450591cb81643529cfd5ca7\System.Xml.Serialization.ni.dll
[2012.02.23 22:22:21 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.02.16 08:11:30 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012.02.23 22:22:21 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.02.16 08:11:27 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.02.16 08:11:44 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 001,026,936 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.06 16:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\drivers\serial.sys
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\System32\drivers\cs-CZ\serial.sys.mui
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\mdmmotsm.inf_x86_neutral_c1415d9789c54b89\smserial.sys
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_x86_neutral_63e72c669d043f14\grserial.sys
[2009.07.14 03:18:03 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 03:18:03 | 000,015,952 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486_kdcom.dll_db5e7744
[2009.07.14 09:43:55 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:18:51 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 02:52:33 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896.manifest
[2010.11.20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.14 09:42:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 20:04:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:02:24 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2009.07.14 02:51:52 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9.manifest
[2010.11.20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2009.07.14 02:49:26 | 000,002,762 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_118be3420dfe8486.manifest
[2009.07.14 02:45:27 | 000,000,866 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_2c93290b67c98d09.manifest
[2009.07.14 02:57:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b.manifest
[2010.11.20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.07.14 09:43:23 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:14:06 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7600.16385_none_a6aa149474833896\System.Runtime.Serialization.dll
[2010.11.05 02:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 02:55:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:50 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7600.16385_none_d6ed4a2e9c2a39c9\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2009.07.13 23:13:45 | 001,068,032 | ---- | M] () -- \Windows\winsxs\x86_mdmmotsm.inf_31bf3856ad364e35_6.1.7600.16385_none_7a97936f8a972896\smserial.sys
[2009.07.14 09:43:15 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c002c1170ca9a88f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:53:33 | 000,011,776 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_c233d4df09982c29\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.14 09:43:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2009.07.14 09:43:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_5d4a68b4b3d26ecc\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:53:39 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2009.07.14 09:43:30 | 000,009,728 | ---- | M] () -- \Windows\winsxs\x86_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_c48c78a9ad8ff996\serial.sys.mui
[2009.07.14 00:45:33 | 000,083,456 | ---- | M] () -- \Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys
[2009.07.13 23:09:18 | 000,031,232 | ---- | M] () -- \Windows\winsxs\x86_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_7280378295916274\grserial.sys
[2009.06.10 22:13:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7600.16385_none_dbc7f5fbdd00d40b\System.Runtime.Serialization.dll
[2010.11.05 02:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

VIRY.CZ

Centrum zabezpečení nelze spustit

Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit

Re: Centrum zabezpečení nelze spustit