VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

nechtěná delta-search.com

https://forum.viry.cz:443/viewtopic.php?t=129073

Stránka 1 z 2

nechtěná delta-search.com

Napsal: 25 bře 2013 09:45
od lenishine
Tento prohlížeč se mi vkradl do PC a ne a ne odejít. Odinstalovala jsem veškeré nové soubory s kterými mohl přijít, ale myslím, že tam stejně jsou, i když nejsou vidět. Upravovala jsem to už všemi způsoby v google chrom, ale mám ho i v jiných prohlížečích Zkusila jsaem už opravdu vše co se doporučuje a nic. Prosím o radu, jak se toho zbavit?

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 09:48
od vyosek
Zdravim, pekne dopoledne preji a vitam Vas u nas na foru :welcome:

:arrow: Dejte prosim log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Prohledat
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 10:28
od lenishine
Tak nevím jestli je to ono, je to hrozně dlouhý, ale toto se mi objevilo

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pc at 2013-03-25 10:06:55
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (21%) free of 80 GB
Total RAM: 1901 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:53, on 25.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Windows\System32\ACEngSvr.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\ASUS\ControlDeck\ControlDeck.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Pc\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Pc\Downloads\RSIT.exe
C:\Program Files\trend micro\Pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... CF305DD4B1}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - {ff19b72a-36ed-4066-8865-a580ae938cce} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - (no file)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [NetSetMan] C:\Program Files\NetSetMan\netsetman.exe
O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
O4 - HKCU\..\Run: [Google Update] "C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECC263B0-256C-47D1-B23C-06CAE9BDC13A}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - ASUSTeK Computer Inc. - C:\Windows\system32\FBAgent.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BasicServe Service - Unknown owner - C:\Program Files\BasicServe\basicserve.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 14295 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
C:\Windows\tasks\Norton Security Scan for Pc.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default

prefs.js - "browser.startup.homepage" - "http://www.delta-search.com/?affID=1206 ... CF305DD4B1"
prefs.js - "keyword.URL" - "http://www.basicserve.com/?prt=bscsrvlink&sp=sweetim search&keywords="

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

C:\Program Files\Mozilla Firefox\extensions\
{740B3FD5-4483-469D-BE7F-8555B153BD04}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npkimi.dll
nppdf32.dll
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
babylon.xml
BearShareWebSearch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions\
eurotranxp2@microton.cz
toolbar@ask.com
{ff19b72a-36ed-4066-8865-a580ae938cce}

C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\searchplugins\
askcom.xml
BearShareWebSearch.xml
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-11-19 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-08-07 453104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-18 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-18 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2012-05-04 1519272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-08-07 157680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-06-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-06-04 1310040]
!{2318C2B1-4965-11d4-9B18-009027A5CD4F}
!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
!{D4027C7F-154A-4066-A1AD-4243D8127440}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-18 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
"ATKOSD2"=C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-06-24 6806144]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
"HControlUser"=C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2010-07-02 1597440]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-09-28 1406248]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2012-05-04 1561768]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"PCFix"=C:\Program Files\PCFix\PCFix.exe []
"AVG_UI"=C:\Program Files\AVG\AVG2013\avgui.exe [2012-12-11 3147384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"AnyDVD"=C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2011-01-13 4800120]
"NetSetMan"=C:\Program Files\NetSetMan\netsetman.exe [2011-02-20 4301576]
"RegistryBooster"=C:\Program Files\Uniblue\RegistryBooster\launcher.exe delay 20000 []
"Google Update"=C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23 116648]
"AdobeBridge"= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
"cz.seznam.software.autoupdate"=C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-07-27 35768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe

C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-25 10:07:06 ----D---- C:\Program Files\trend micro
2013-03-25 10:06:55 ----D---- C:\rsit
2013-03-25 00:35:56 ----D---- C:\Users\Pc\AppData\Roaming\AVG2013
2013-03-25 00:34:53 ----D---- C:\Users\Pc\AppData\Roaming\TuneUp Software
2013-03-25 00:34:15 ----HD---- C:\$AVG
2013-03-25 00:34:15 ----D---- C:\ProgramData\AVG2013
2013-03-25 00:33:36 ----D---- C:\Program Files\AVG
2013-03-25 00:22:08 ----HD---- C:\ProgramData\Common Files
2013-03-25 00:22:08 ----D---- C:\ProgramData\MFAData
2013-03-24 19:14:00 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-03-24 19:14:00 ----D---- C:\Program Files\Spybot - Search & Destroy
2013-03-24 18:26:46 ----D---- C:\Users\Pc\AppData\Roaming\ESET
2013-03-24 18:18:50 ----D---- C:\Users\Pc\AppData\Roaming\Seznam.cz
2013-03-23 18:33:53 ----D---- C:\Program Files\Enigma Software Group
2013-03-23 18:32:51 ----D---- C:\Windows\D8167CA8236B4334B77DF388F494EE18.TMP
2013-03-23 18:32:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-03-23 15:44:52 ----D---- C:\Users\Pc\AppData\Roaming\Audacity
2013-03-23 14:39:03 ----D---- C:\Users\Pc\AppData\Roaming\Avnex
2013-03-23 14:35:23 ----D---- C:\Users\Pc\AppData\Roaming\PCFix
2013-03-23 14:34:23 ----D---- C:\ProgramData\BrowserProtect
2013-03-23 14:34:12 ----D---- C:\Program Files\PCFix
2013-03-23 14:33:54 ----D---- C:\Program Files\BasicServe
2013-03-23 14:33:44 ----D---- C:\ProgramData\Babylon
2013-03-23 14:33:30 ----D---- C:\ProgramData\Tarma Installer
2013-03-23 13:41:11 ----A---- C:\Windows\system32\MSVCR71.DLL
2013-03-23 13:41:11 ----A---- C:\Windows\system32\MSVCP71.DLL
2013-03-23 13:41:11 ----A---- C:\Windows\system32\MFC71U.DLL
2013-03-23 13:41:11 ----A---- C:\Windows\system32\ATL71.DLL
2013-03-23 13:41:10 ----A---- C:\Windows\system32\MFC71.DLL
2013-03-13 21:25:00 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 21:24:58 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 21:24:57 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 21:24:57 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 21:24:52 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 21:24:51 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 21:24:49 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 21:24:48 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 21:24:47 ----A---- C:\Windows\system32\url.dll
2013-03-13 21:24:47 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-01 12:27:30 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-01 12:27:27 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-02-28 08:04:05 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-28 08:03:58 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-28 08:03:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 08:03:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 08:03:54 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 08:03:50 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 08:03:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 08:03:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 08:03:46 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 08:03:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 08:03:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 08:03:45 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 08:03:43 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 08:03:43 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-28 08:03:42 ----A---- C:\Windows\system32\dxgi.dll
2013-02-28 08:03:42 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-28 08:03:41 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-28 08:03:41 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-28 08:03:40 ----A---- C:\Windows\system32\d3d11.dll
2013-02-28 08:03:40 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-28 08:03:40 ----A---- C:\Windows\system32\d3d10.dll
2013-02-28 08:03:39 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-28 08:03:38 ----A---- C:\Windows\system32\FntCache.dll
2013-02-28 08:03:38 ----A---- C:\Windows\system32\DWrite.dll
2013-02-28 08:03:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 08:03:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 08:03:33 ----A---- C:\Windows\system32\d2d1.dll

======List of files/folders modified in the last 1 month======

2013-03-25 10:07:12 ----D---- C:\Windows\Temp
2013-03-25 10:07:06 ----RD---- C:\Program Files
2013-03-25 07:21:59 ----D---- C:\Windows\system32\config
2013-03-25 05:24:49 ----D---- C:\Users\Pc\AppData\Roaming\Skype
2013-03-25 05:22:11 ----D---- C:\Windows\system32\Tasks
2013-03-25 05:21:01 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-03-25 05:20:00 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-03-25 05:19:45 ----A---- C:\Windows\system32\log.txt
2013-03-25 05:18:06 ----D---- C:\Windows\system32\drivers
2013-03-25 00:37:00 ----SHD---- C:\Windows\Installer
2013-03-25 00:34:15 ----HD---- C:\ProgramData
2013-03-25 00:33:53 ----SHD---- C:\System Volume Information
2013-03-25 00:28:56 ----D---- C:\Windows\system32\DriverStore
2013-03-25 00:28:56 ----D---- C:\Windows\system32\catroot
2013-03-25 00:28:56 ----D---- C:\Windows\inf
2013-03-25 00:26:11 ----D---- C:\Program Files\Google
2013-03-25 00:02:09 ----D---- C:\Windows\Tasks
2013-03-25 00:02:09 ----D---- C:\Windows\system32\wfp
2013-03-25 00:02:08 ----D---- C:\Windows\system32\wbem
2013-03-25 00:02:08 ----D---- C:\Windows
2013-03-25 00:01:26 ----D---- C:\Windows\system32\catroot2
2013-03-25 00:01:26 ----D---- C:\Windows\System32
2013-03-25 00:01:23 ----SD---- C:\ProgramData\Microsoft
2013-03-25 00:01:23 ----D---- C:\ProgramData\P4G
2013-03-25 00:01:23 ----D---- C:\ProgramData\Norton
2013-03-25 00:01:23 ----D---- C:\ProgramData\McAfee Security Scan
2013-03-25 00:01:20 ----D---- C:\Windows\registration
2013-03-24 23:30:59 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-03-24 19:26:43 ----D---- C:\Windows\system32\wdi
2013-03-24 18:28:49 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-03-24 18:15:14 ----SD---- C:\Users\Pc\AppData\Roaming\Microsoft
2013-03-24 18:08:39 ----D---- C:\Program Files\Mozilla Firefox
2013-03-24 17:17:00 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-03-23 18:34:05 ----D---- C:\Windows\Prefetch
2013-03-23 18:32:50 ----D---- C:\Program Files\Common Files
2013-03-23 16:18:02 ----D---- C:\Program Files\Common Files\Adobe
2013-03-23 16:17:38 ----D---- C:\Program Files\Adobe
2013-03-23 16:04:52 ----D---- C:\ProgramData\Adobe
2013-03-21 20:16:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-20 09:22:23 ----D---- C:\Windows\winsxs
2013-03-15 06:40:56 ----D---- C:\Windows\debug
2013-03-14 19:11:11 ----D---- C:\Windows\rescache
2013-03-14 10:23:34 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-03-14 08:14:08 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 08:13:10 ----D---- C:\Windows\system32\migration
2013-03-14 08:13:10 ----D---- C:\Program Files\Internet Explorer
2013-03-14 07:53:48 ----A---- C:\Windows\system32\MRT.exe
2013-03-14 07:53:29 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 07:50:01 ----D---- C:\Windows\AppPatch
2013-03-10 23:19:30 ----D---- C:\Users\Pc\AppData\Roaming\Media Player Classic
2013-03-07 00:32:42 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-28 08:22:02 ----D---- C:\Windows\system32\pt-PT
2013-02-28 08:22:02 ----D---- C:\Windows\system32\pt-BR
2013-02-28 08:22:02 ----D---- C:\Windows\system32\pl-PL
2013-02-28 08:22:02 ----D---- C:\Windows\system32\ko-KR
2013-02-28 08:22:02 ----D---- C:\Windows\system32\it-IT
2013-02-28 08:22:02 ----D---- C:\Windows\system32\hu-HU
2013-02-28 08:22:01 ----D---- C:\Windows\system32\zh-HK
2013-02-28 08:22:01 ----D---- C:\Windows\system32\tr-TR
2013-02-28 08:22:01 ----D---- C:\Windows\system32\nl-NL
2013-02-28 08:22:01 ----D---- C:\Windows\system32\fr-FR
2013-02-28 08:22:01 ----D---- C:\Windows\system32\fi-FI
2013-02-28 08:22:01 ----D---- C:\Windows\system32\el-GR
2013-02-28 08:22:00 ----D---- C:\Windows\system32\zh-TW
2013-02-28 08:22:00 ----D---- C:\Windows\system32\zh-CN
2013-02-28 08:22:00 ----D---- C:\Windows\system32\sv-SE
2013-02-28 08:22:00 ----D---- C:\Windows\system32\ru-RU
2013-02-28 08:22:00 ----D---- C:\Windows\system32\nb-NO
2013-02-28 08:22:00 ----D---- C:\Windows\system32\ja-JP
2013-02-28 08:22:00 ----D---- C:\Windows\system32\es-ES
2013-02-28 08:22:00 ----D---- C:\Windows\system32\en-US
2013-02-28 08:22:00 ----D---- C:\Windows\system32\de-DE
2013-02-28 08:22:00 ----D---- C:\Windows\system32\da-DK
2013-02-28 08:22:00 ----D---- C:\Windows\system32\cs-CZ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2011-01-14 30264]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 49248]
R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2012-09-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2012-11-15 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-09-14 35552]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 330264]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 60656]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2012-09-21 19936]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-10-02 159712]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-09-21 164832]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-12-01 108104]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2010-03-02 1263104]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2010-01-18 514104]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-06-10 103424]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-02 232960]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 119408]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver; C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 98928]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1766592]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 131000]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-07 303744]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-03-07 45248]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R3 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S2 BasicServe Service;BasicServe Service; C:\Program Files\BasicServe\basicserve.exe [2013-03-15 22528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-23 136176]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-24 253656]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-23 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-12 194032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-24 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-16 1343400]

-----------------EOF-----------------

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 11:08
od vyosek
:arrow: Ano je to ono, je to dlouhe, jelikoz je tam hodne neporadku, ale ja se ti prolouskam

:arrow: Odinstalujte antivir AVG2013, mate tam Avast a ten je daleko lepsi. Dva antiviry v systemu byt nemohou, jelikoz dochazi ke kolizi

:arrow: Pote jeste pouzijte tento nastroj http://download.avg.com/filedir/util/av ... 3_2706.exe

:arrow: Tez odinstalujte Spybot - Search & Destroy. Ma uz davno nejlepsi leta za sebou a neni schopen celit aktualnim hrozbam

:arrow: A jako dalsi odinstalujte McAfee Security Scan - tez je v kolizi s Avastem

:arrow: A udelejte prosim i ten AdwCleaner, jak jsem psal v prvnim prispevku

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 12:43
od lenishine
Moc díky, udělala jsem snad vše co jste napsal. Tady je výsledek s adw cleaner:

# AdwCleaner v2.115 - Log vytvooen 25/03/2013 v 12:41:26
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (32 bits)
# Uživatel : Pc - LENKA
# Spuštin systém : Normální
# Spuštino z : C:\Users\Pc\Downloads\adwcleaner (1).exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\Google\Chrome\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\lhdfjaaobagbaepmefnjabfmhnggliop
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v18.0.1 (cs)

Soubor : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.2330] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=120640&babs ... CF305DD4B1" ]

*************************

AdwCleaner[R1].txt - [1649 octets] - [25/03/2013 12:38:26]
AdwCleaner[R2].txt - [1519 octets] - [25/03/2013 12:41:26]
AdwCleaner[S1].txt - [29448 octets] - [25/03/2013 11:55:54]

########## EOF - C:\AdwCleaner[R2].txt - [1640 octets] ##########

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 12:56
od lenishine
Teď jsem dala na adw cleaner vymazat a i když v další zprávě bylo, že je delta vymazána. Mám ji tu žel pořád....

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 12:59
od vyosek
:arrow: Tak se na to podivame hloubeji

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:03
od lenishine
moc díky -provádím :)

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:07
od vyosek
Prozatim neni zac, snad se toho smejdu zbavime

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:39
od lenishine
OTL logfile created on: 25.3.2013 13:02:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pc\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,86 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 29,64% Memory free
3,71 Gb Paging File | 1,87 Gb Available in Paging File | 50,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 16,63 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 121,35 Gb Free Space | 55,17% Space Free | Partition Type: NTFS

Computer Name: LENKA | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.25 13:00:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Downloads\OTL.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.13 14:06:11 | 004,800,120 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.06.24 17:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.06.10 08:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.05.28 10:49:08 | 000,277,120 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2010.05.17 11:06:10 | 001,079,936 | ---- | M] (asus) -- C:\Program Files\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010.05.03 17:07:54 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2010.05.03 14:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.05.03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.04.14 07:42:26 | 000,715,320 | ---- | M] (Conexant Systems, Inc) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe
PRC - [2010.04.07 06:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\System32\FBAgent.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.23 10:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009.06.29 10:39:50 | 000,157,752 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013.03.11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013.03.11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013.03.11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013.03.11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013.03.11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013.02.14 19:29:48 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.02.14 19:28:13 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.02.14 19:28:11 | 001,308,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SmartAudio\76118fe8a477d68e0fd27eac062627df\SmartAudio.ni.exe
MOD - [2013.02.14 18:09:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.10 15:11:30 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
MOD - [2013.01.10 15:11:27 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.CxHDAudioAP#\d36536c0e8836056532493d7a95fc1b7\Interop.CxHDAudioAPILib.ni.dll
MOD - [2013.01.10 15:11:24 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013.01.10 09:42:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 09:41:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 09:41:26 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 09:40:32 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 09:40:26 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 09:40:01 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 09:39:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 09:39:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 09:39:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 09:38:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.05 02:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010.11.05 02:53:43 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010.07.01 11:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010.05.05 18:22:30 | 000,098,304 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2010.02.23 15:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Brightness.dll
MOD - [2010.02.23 15:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\P4GControl.dll
MOD - [2010.02.23 15:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Resolution.dll
MOD - [2010.02.23 15:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Volume.dll
MOD - [2010.01.11 10:27:36 | 000,012,800 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2009.07.14 09:43:19 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll
MOD - [2008.09.30 23:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV - [2013.03.24 18:08:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.24 17:17:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.15 20:37:22 | 000,022,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files\BasicServe\basicserve.exe -- (BasicServe Service)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.16 12:39:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\System32\FBAgent.exe -- (AFBAgent)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.08.17 10:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.01.14 09:58:39 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2010.12.01 20:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.03.02 09:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.26 09:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010.02.25 04:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2010.02.02 23:36:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010.01.18 10:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009.08.18 09:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009.06.18 12:18:00 | 000,015,416 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2009.06.05 11:14:42 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.05.13 09:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.05.23 17:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.08.03 05:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.02.11 10:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - No CLSID value found
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvli ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{BCCD1ADC-E5B2-4951-956C-8D8F37D93805}: "URL" = http://websearch.ask.com/redirect?clien ... 9637F36F00
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: eurotranxp2%40microton.cz:3.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B740B3FD5-4483-469D-BE7F-8555B153BD04%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.03.08 11:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.19 11:44:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]

[2012.09.02 15:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Extensions
[2013.03.25 11:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions
[2012.08.10 07:46:55 | 000,000,000 | ---D | M] (Eurotran XP) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions\eurotranxp2@microton.cz
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\searchplugins\BearShareWebSearch.xml
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013.03.08 11:34:20 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2013.03.24 18:08:39 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.12.17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2012.11.11 10:21:52 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012.08.08 18:27:36 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.08 18:27:36 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.08.08 18:27:36 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.08 18:27:36 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.08 18:27:36 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\Toolbar\WebBrowser: (no name) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [NetSetMan] C:\Program Files\NetSetMan\netsetman.exe (Ilja Herlein)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECC263B0-256C-47D1-B23C-06CAE9BDC13A}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Kód: Vybrat vše

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2013.03.25 10:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.25 10:06:55 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.25 00:34:53 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2013.03.25 00:34:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.03.25 00:22:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013.03.24 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ESET
[2013.03.24 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ESET
[2013.03.24 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2013.03.23 18:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.03.23 18:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.03.23 18:10:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RonyaSoft
[2013.03.23 15:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 15:44:20 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Programs
[2013.03.23 14:39:03 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.23 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.23 14:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
[2013.03.23 14:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\PCFix
[2013.03.23 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\BasicServe
[2013.03.23 13:41:11 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71U.DLL
[2013.03.23 13:41:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ATL71.DLL
[2013.03.23 13:41:10 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.DLL
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.25 13:02:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:49:06 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.25 12:48:58 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 12:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.25 12:48:38 | 1494,663,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.25 12:31:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2013.03.25 05:21:01 | 000,001,294 | ---- | M] () -- C:\Windows\System32\ServiceFilter.ini
[2013.03.25 05:20:00 | 000,002,228 | ---- | M] () -- C:\Windows\System32\AutoRunFilter.ini
[2013.03.24 19:31:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2013.03.24 17:17:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.24 17:17:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.24 09:07:11 | 000,000,173 | ---- | M] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 19:37:18 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.23 14:34:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Pc.job
[2013.03.21 20:16:44 | 000,631,428 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.21 20:16:44 | 000,616,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.21 20:16:44 | 000,122,050 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.21 20:16:44 | 000,106,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.24 09:07:11 | 000,000,173 | ---- | C] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 15:16:00 | 003,712,785 | ---- | C] () -- C:\Users\Pc\Desktop\Josef Vágner - Mě sílu Dáš - text.mp3
[2013.03.23 14:34:14 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.03 12:11:55 | 000,001,017 | ---- | C] () -- C:\Users\Pc\Obrázky – zástupce.lnk
[2013.03.01 12:27:30 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.01 12:27:27 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.12.19 00:19:21 | 000,001,480 | ---- | C] () -- C:\Users\Pc\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.03.10 07:40:26 | 004,901,879 | ---- | C] () -- C:\Users\Pc\You Raise me Up (Instrumental) - YouTube2.mp3
[2012.01.28 15:53:15 | 012,450,907 | ---- | C] () -- C:\Users\Pc\Generace Víry - křest - YouTube.flv
[2012.01.15 15:30:17 | 000,000,044 | ---- | C] () -- C:\Users\Pc\El shadaj.cda
[2011.12.28 11:59:08 | 020,555,989 | ---- | C] () -- C:\Users\Pc\svetem_bible_rudna.pdf
[2011.06.07 17:15:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.07 17:15:38 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.05 10:36:12 | 000,025,600 | ---- | C] () -- C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.23 18:21:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 11:21:19 | 000,000,091 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013.03.23 16:13:55 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 14:39:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.24 18:26:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2011.01.16 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GHISLER
[2011.01.14 10:58:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\IrfanView
[2011.01.14 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Maxthon2
[2013.03.24 17:13:45 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.25 12:55:04 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2011.09.28 07:21:30 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SlySoft
[2012.12.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.03.25 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2011.05.15 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Uniblue
[2011.07.22 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XMedia Recode
[2011.01.16 12:27:07 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Zoner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]<  >[/color]
[2009.07.14 05:53:46 | 000,032,592 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.01.23 12:40:18 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.23 12:40:18 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.08 07:06:34 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 08:19:59 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2012.09.28 08:19:59 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2012.11.11 10:23:24 | 000,000,430 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: AUTOCHK.EXE  >[/color]
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
[color=#A23BEC]< MD5 for: HAL.DLL  >[/color]
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:39
od lenishine
OTL logfile created on: 25.3.2013 13:02:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pc\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,86 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 29,64% Memory free
3,71 Gb Paging File | 1,87 Gb Available in Paging File | 50,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 16,63 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 121,35 Gb Free Space | 55,17% Space Free | Partition Type: NTFS

Computer Name: LENKA | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.25 13:00:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Downloads\OTL.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.13 14:06:11 | 004,800,120 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.06.24 17:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.06.10 08:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.05.28 10:49:08 | 000,277,120 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2010.05.17 11:06:10 | 001,079,936 | ---- | M] (asus) -- C:\Program Files\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010.05.03 17:07:54 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2010.05.03 14:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.05.03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.04.14 07:42:26 | 000,715,320 | ---- | M] (Conexant Systems, Inc) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe
PRC - [2010.04.07 06:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\System32\FBAgent.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.23 10:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009.06.29 10:39:50 | 000,157,752 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013.03.11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013.03.11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013.03.11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013.03.11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013.03.11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013.02.14 19:29:48 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.02.14 19:28:13 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.02.14 19:28:11 | 001,308,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SmartAudio\76118fe8a477d68e0fd27eac062627df\SmartAudio.ni.exe
MOD - [2013.02.14 18:09:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.10 15:11:30 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
MOD - [2013.01.10 15:11:27 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.CxHDAudioAP#\d36536c0e8836056532493d7a95fc1b7\Interop.CxHDAudioAPILib.ni.dll
MOD - [2013.01.10 15:11:24 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013.01.10 09:42:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 09:41:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 09:41:26 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 09:40:32 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 09:40:26 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 09:40:01 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 09:39:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 09:39:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 09:39:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 09:38:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.05 02:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010.11.05 02:53:43 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010.07.01 11:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010.05.05 18:22:30 | 000,098,304 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2010.02.23 15:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Brightness.dll
MOD - [2010.02.23 15:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\P4GControl.dll
MOD - [2010.02.23 15:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Resolution.dll
MOD - [2010.02.23 15:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Volume.dll
MOD - [2010.01.11 10:27:36 | 000,012,800 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2009.07.14 09:43:19 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll
MOD - [2008.09.30 23:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV - [2013.03.24 18:08:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.24 17:17:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.15 20:37:22 | 000,022,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files\BasicServe\basicserve.exe -- (BasicServe Service)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.16 12:39:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\System32\FBAgent.exe -- (AFBAgent)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.08.17 10:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.01.14 09:58:39 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2010.12.01 20:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.03.02 09:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.26 09:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010.02.25 04:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2010.02.02 23:36:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010.01.18 10:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009.08.18 09:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009.06.18 12:18:00 | 000,015,416 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2009.06.05 11:14:42 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.05.13 09:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.05.23 17:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.08.03 05:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.02.11 10:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - No CLSID value found
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvli ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{BCCD1ADC-E5B2-4951-956C-8D8F37D93805}: "URL" = http://websearch.ask.com/redirect?clien ... 9637F36F00
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: eurotranxp2%40microton.cz:3.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B740B3FD5-4483-469D-BE7F-8555B153BD04%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.03.08 11:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.19 11:44:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]

[2012.09.02 15:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Extensions
[2013.03.25 11:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions
[2012.08.10 07:46:55 | 000,000,000 | ---D | M] (Eurotran XP) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions\eurotranxp2@microton.cz
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\searchplugins\BearShareWebSearch.xml
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013.03.08 11:34:20 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2013.03.24 18:08:39 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.12.17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2012.11.11 10:21:52 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012.08.08 18:27:36 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.08 18:27:36 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.08.08 18:27:36 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.08 18:27:36 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.08 18:27:36 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\Toolbar\WebBrowser: (no name) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [NetSetMan] C:\Program Files\NetSetMan\netsetman.exe (Ilja Herlein)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECC263B0-256C-47D1-B23C-06CAE9BDC13A}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Kód: Vybrat vše

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2013.03.25 10:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.25 10:06:55 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.25 00:34:53 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2013.03.25 00:34:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.03.25 00:22:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013.03.24 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ESET
[2013.03.24 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ESET
[2013.03.24 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2013.03.23 18:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.03.23 18:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.03.23 18:10:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RonyaSoft
[2013.03.23 15:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 15:44:20 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Programs
[2013.03.23 14:39:03 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.23 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.23 14:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
[2013.03.23 14:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\PCFix
[2013.03.23 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\BasicServe
[2013.03.23 13:41:11 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71U.DLL
[2013.03.23 13:41:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ATL71.DLL
[2013.03.23 13:41:10 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.DLL
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.25 13:02:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:49:06 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.25 12:48:58 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 12:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.25 12:48:38 | 1494,663,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.25 12:31:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2013.03.25 05:21:01 | 000,001,294 | ---- | M] () -- C:\Windows\System32\ServiceFilter.ini
[2013.03.25 05:20:00 | 000,002,228 | ---- | M] () -- C:\Windows\System32\AutoRunFilter.ini
[2013.03.24 19:31:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2013.03.24 17:17:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.24 17:17:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.24 09:07:11 | 000,000,173 | ---- | M] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 19:37:18 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.23 14:34:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Pc.job
[2013.03.21 20:16:44 | 000,631,428 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.21 20:16:44 | 000,616,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.21 20:16:44 | 000,122,050 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.21 20:16:44 | 000,106,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.24 09:07:11 | 000,000,173 | ---- | C] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 15:16:00 | 003,712,785 | ---- | C] () -- C:\Users\Pc\Desktop\Josef Vágner - Mě sílu Dáš - text.mp3
[2013.03.23 14:34:14 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.03 12:11:55 | 000,001,017 | ---- | C] () -- C:\Users\Pc\Obrázky – zástupce.lnk
[2013.03.01 12:27:30 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.01 12:27:27 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.12.19 00:19:21 | 000,001,480 | ---- | C] () -- C:\Users\Pc\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.03.10 07:40:26 | 004,901,879 | ---- | C] () -- C:\Users\Pc\You Raise me Up (Instrumental) - YouTube2.mp3
[2012.01.28 15:53:15 | 012,450,907 | ---- | C] () -- C:\Users\Pc\Generace Víry - křest - YouTube.flv
[2012.01.15 15:30:17 | 000,000,044 | ---- | C] () -- C:\Users\Pc\El shadaj.cda
[2011.12.28 11:59:08 | 020,555,989 | ---- | C] () -- C:\Users\Pc\svetem_bible_rudna.pdf
[2011.06.07 17:15:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.07 17:15:38 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.05 10:36:12 | 000,025,600 | ---- | C] () -- C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.23 18:21:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 11:21:19 | 000,000,091 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013.03.23 16:13:55 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 14:39:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.24 18:26:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2011.01.16 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GHISLER
[2011.01.14 10:58:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\IrfanView
[2011.01.14 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Maxthon2
[2013.03.24 17:13:45 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.25 12:55:04 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2011.09.28 07:21:30 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SlySoft
[2012.12.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.03.25 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2011.05.15 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Uniblue
[2011.07.22 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XMedia Recode
[2011.01.16 12:27:07 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Zoner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]<  >[/color]
[2009.07.14 05:53:46 | 000,032,592 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.01.23 12:40:18 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.23 12:40:18 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.08 07:06:34 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 08:19:59 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2012.09.28 08:19:59 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2012.11.11 10:23:24 | 000,000,430 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: AUTOCHK.EXE  >[/color]
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
[color=#A23BEC]< MD5 for: HAL.DLL  >[/color]
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:42
od lenishine
OTL logfile created on: 25.3.2013 13:02:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pc\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,86 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 29,64% Memory free
3,71 Gb Paging File | 1,87 Gb Available in Paging File | 50,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 16,63 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 121,35 Gb Free Space | 55,17% Space Free | Partition Type: NTFS

Computer Name: LENKA | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.25 13:00:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Downloads\OTL.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.13 14:06:11 | 004,800,120 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.06.24 17:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.06.10 08:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.05.28 10:49:08 | 000,277,120 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2010.05.17 11:06:10 | 001,079,936 | ---- | M] (asus) -- C:\Program Files\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010.05.03 17:07:54 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2010.05.03 14:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.05.03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.04.14 07:42:26 | 000,715,320 | ---- | M] (Conexant Systems, Inc) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe
PRC - [2010.04.07 06:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\System32\FBAgent.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.23 10:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009.06.29 10:39:50 | 000,157,752 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013.03.11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013.03.11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013.03.11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013.03.11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013.03.11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013.02.14 19:29:48 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.02.14 19:28:13 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.02.14 19:28:11 | 001,308,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SmartAudio\76118fe8a477d68e0fd27eac062627df\SmartAudio.ni.exe
MOD - [2013.02.14 18:09:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.10 15:11:30 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
MOD - [2013.01.10 15:11:27 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.CxHDAudioAP#\d36536c0e8836056532493d7a95fc1b7\Interop.CxHDAudioAPILib.ni.dll
MOD - [2013.01.10 15:11:24 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013.01.10 09:42:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 09:41:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 09:41:26 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 09:40:32 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 09:40:26 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 09:40:01 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 09:39:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 09:39:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 09:39:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 09:38:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.05 02:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010.11.05 02:53:43 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010.07.01 11:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010.05.05 18:22:30 | 000,098,304 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2010.02.23 15:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Brightness.dll
MOD - [2010.02.23 15:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\P4GControl.dll
MOD - [2010.02.23 15:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Resolution.dll
MOD - [2010.02.23 15:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Volume.dll
MOD - [2010.01.11 10:27:36 | 000,012,800 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2009.07.14 09:43:19 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll
MOD - [2008.09.30 23:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV - [2013.03.24 18:08:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.24 17:17:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.15 20:37:22 | 000,022,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files\BasicServe\basicserve.exe -- (BasicServe Service)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.16 12:39:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\System32\FBAgent.exe -- (AFBAgent)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.08.17 10:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.01.14 09:58:39 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2010.12.01 20:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.03.02 09:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.26 09:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010.02.25 04:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2010.02.02 23:36:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010.01.18 10:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009.08.18 09:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009.06.18 12:18:00 | 000,015,416 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2009.06.05 11:14:42 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.05.13 09:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.05.23 17:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.08.03 05:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.02.11 10:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - No CLSID value found
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvli ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{BCCD1ADC-E5B2-4951-956C-8D8F37D93805}: "URL" = http://websearch.ask.com/redirect?clien ... 9637F36F00
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: eurotranxp2%40microton.cz:3.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B740B3FD5-4483-469D-BE7F-8555B153BD04%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.03.08 11:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.19 11:44:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]

[2012.09.02 15:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Extensions
[2013.03.25 11:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions
[2012.08.10 07:46:55 | 000,000,000 | ---D | M] (Eurotran XP) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions\eurotranxp2@microton.cz
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\searchplugins\BearShareWebSearch.xml
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013.03.08 11:34:20 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2013.03.24 18:08:39 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.12.17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2012.11.11 10:21:52 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012.08.08 18:27:36 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.08 18:27:36 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.08.08 18:27:36 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.08 18:27:36 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.08 18:27:36 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\Toolbar\WebBrowser: (no name) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [NetSetMan] C:\Program Files\NetSetMan\netsetman.exe (Ilja Herlein)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECC263B0-256C-47D1-B23C-06CAE9BDC13A}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Kód: Vybrat vše

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2013.03.25 10:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.25 10:06:55 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.25 00:34:53 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2013.03.25 00:34:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.03.25 00:22:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013.03.24 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ESET
[2013.03.24 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ESET
[2013.03.24 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2013.03.23 18:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.03.23 18:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.03.23 18:10:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RonyaSoft
[2013.03.23 15:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 15:44:20 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Programs
[2013.03.23 14:39:03 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.23 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.23 14:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
[2013.03.23 14:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\PCFix
[2013.03.23 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\BasicServe
[2013.03.23 13:41:11 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71U.DLL
[2013.03.23 13:41:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ATL71.DLL
[2013.03.23 13:41:10 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.DLL
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.25 13:02:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:49:06 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.25 12:48:58 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 12:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.25 12:48:38 | 1494,663,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.25 12:31:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2013.03.25 05:21:01 | 000,001,294 | ---- | M] () -- C:\Windows\System32\ServiceFilter.ini
[2013.03.25 05:20:00 | 000,002,228 | ---- | M] () -- C:\Windows\System32\AutoRunFilter.ini
[2013.03.24 19:31:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2013.03.24 17:17:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.24 17:17:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.24 09:07:11 | 000,000,173 | ---- | M] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 19:37:18 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.23 14:34:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Pc.job
[2013.03.21 20:16:44 | 000,631,428 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.21 20:16:44 | 000,616,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.21 20:16:44 | 000,122,050 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.21 20:16:44 | 000,106,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.24 09:07:11 | 000,000,173 | ---- | C] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 15:16:00 | 003,712,785 | ---- | C] () -- C:\Users\Pc\Desktop\Josef Vágner - Mě sílu Dáš - text.mp3
[2013.03.23 14:34:14 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.03 12:11:55 | 000,001,017 | ---- | C] () -- C:\Users\Pc\Obrázky – zástupce.lnk
[2013.03.01 12:27:30 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.01 12:27:27 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.12.19 00:19:21 | 000,001,480 | ---- | C] () -- C:\Users\Pc\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.03.10 07:40:26 | 004,901,879 | ---- | C] () -- C:\Users\Pc\You Raise me Up (Instrumental) - YouTube2.mp3
[2012.01.28 15:53:15 | 012,450,907 | ---- | C] () -- C:\Users\Pc\Generace Víry - křest - YouTube.flv
[2012.01.15 15:30:17 | 000,000,044 | ---- | C] () -- C:\Users\Pc\El shadaj.cda
[2011.12.28 11:59:08 | 020,555,989 | ---- | C] () -- C:\Users\Pc\svetem_bible_rudna.pdf
[2011.06.07 17:15:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.07 17:15:38 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.05 10:36:12 | 000,025,600 | ---- | C] () -- C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.23 18:21:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 11:21:19 | 000,000,091 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013.03.23 16:13:55 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 14:39:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.24 18:26:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2011.01.16 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GHISLER
[2011.01.14 10:58:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\IrfanView
[2011.01.14 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Maxthon2
[2013.03.24 17:13:45 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.25 12:55:04 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2011.09.28 07:21:30 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SlySoft
[2012.12.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.03.25 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2011.05.15 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Uniblue
[2011.07.22 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XMedia Recode
[2011.01.16 12:27:07 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Zoner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]<  >[/color]
[2009.07.14 05:53:46 | 000,032,592 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.01.23 12:40:18 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.23 12:40:18 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.08 07:06:34 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 08:19:59 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2012.09.28 08:19:59 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2012.11.11 10:23:24 | 000,000,430 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: AUTOCHK.EXE  >[/color]
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
[color=#A23BEC]< MD5 for: HAL.DLL  >[/color]
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:42
od lenishine
OTL logfile created on: 25.3.2013 13:02:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pc\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,86 Gb Total Physical Memory | 0,55 Gb Available Physical Memory | 29,64% Memory free
3,71 Gb Paging File | 1,87 Gb Available in Paging File | 50,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 16,63 Gb Free Space | 21,32% Space Free | Partition Type: NTFS
Drive D: | 219,96 Gb Total Space | 121,35 Gb Free Space | 55,17% Space Free | Partition Type: NTFS

Computer Name: LENKA | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.25 13:00:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pc\Downloads\OTL.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.13 14:06:11 | 004,800,120 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010.06.24 17:50:50 | 006,806,144 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.06.10 08:57:18 | 000,548,744 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2010.05.28 10:49:08 | 000,277,120 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2010.05.17 11:06:10 | 001,079,936 | ---- | M] (asus) -- C:\Program Files\ASUS\ControlDeck\ControlDeck.exe
PRC - [2010.05.03 17:07:54 | 001,271,088 | ---- | M] (SRS Labs, Inc.) -- C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
PRC - [2010.05.03 14:45:50 | 000,182,912 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.05.03 14:41:46 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.04.14 07:42:26 | 000,715,320 | ---- | M] (Conexant Systems, Inc) -- C:\Program Files\CONEXANT\SAII\SmartAudio.exe
PRC - [2010.04.07 06:16:52 | 001,599,880 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe
PRC - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\System32\FBAgent.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.07.23 10:30:06 | 000,544,768 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2009.06.29 10:39:50 | 000,157,752 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009.01.29 23:20:49 | 000,057,344 | ---- | M] (SlySoft, Inc.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.11 01:22:06 | 000,459,728 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppgooglenaclpluginchrome.dll
MOD - [2013.03.11 01:22:05 | 012,662,224 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
MOD - [2013.03.11 01:22:04 | 004,050,896 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
MOD - [2013.03.11 01:21:18 | 000,596,944 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libglesv2.dll
MOD - [2013.03.11 01:21:18 | 000,124,368 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\libegl.dll
MOD - [2013.03.11 01:21:16 | 001,552,848 | ---- | M] () -- C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ffmpegsumo.dll
MOD - [2013.02.14 19:29:48 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll
MOD - [2013.02.14 19:28:13 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll
MOD - [2013.02.14 19:28:11 | 001,308,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SmartAudio\76118fe8a477d68e0fd27eac062627df\SmartAudio.ni.exe
MOD - [2013.02.14 18:09:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013.01.10 15:11:30 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
MOD - [2013.01.10 15:11:27 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.CxHDAudioAP#\d36536c0e8836056532493d7a95fc1b7\Interop.CxHDAudioAPILib.ni.dll
MOD - [2013.01.10 15:11:24 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013.01.10 09:42:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll
MOD - [2013.01.10 09:41:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013.01.10 09:41:26 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll
MOD - [2013.01.10 09:40:32 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013.01.10 09:40:26 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll
MOD - [2013.01.10 09:40:01 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013.01.10 09:39:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013.01.10 09:39:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013.01.10 09:39:20 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013.01.10 09:38:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010.11.05 02:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2010.11.05 02:53:43 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.07.02 13:36:26 | 001,597,440 | ---- | M] () -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010.07.01 11:21:42 | 000,204,800 | ---- | M] () -- C:\Program Files\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010.05.05 18:22:30 | 000,098,304 | ---- | M] () -- C:\Program Files\P4G\OvrClk.dll
MOD - [2010.02.23 15:14:22 | 000,071,680 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Brightness.dll
MOD - [2010.02.23 15:14:10 | 000,050,688 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\P4GControl.dll
MOD - [2010.02.23 15:12:22 | 000,186,880 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Resolution.dll
MOD - [2010.02.23 15:11:46 | 000,076,288 | ---- | M] () -- C:\Program Files\ASUS\ControlDeck\Volume.dll
MOD - [2010.01.11 10:27:36 | 000,012,800 | ---- | M] () -- C:\Program Files\P4G\DevMng.dll
MOD - [2009.07.14 09:43:19 | 000,159,744 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_cs_b77a5c561934e089\System.Xml.resources.dll
MOD - [2008.09.30 23:02:44 | 000,009,216 | ---- | M] () -- C:\Program Files\ASUS\Splendid\GLCDdll.dll
MOD - [2007.06.15 10:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.01 17:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll


========== Services (SafeList) ==========

SRV - [2013.03.24 18:08:38 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.24 17:17:00 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.15 20:37:22 | 000,022,528 | ---- | M] () [Auto | Stopped] -- C:\Program Files\BasicServe\basicserve.exe -- (BasicServe Service)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.16 12:39:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.12.15 10:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.07 16:37:06 | 000,303,744 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\System32\FBAgent.exe -- (AFBAgent)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:23 | 000,060,656 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.08.17 10:03:58 | 000,137,472 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011.08.17 09:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 09:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 09:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.01.14 09:58:39 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2010.12.01 20:06:29 | 000,108,104 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.03.02 09:43:20 | 001,263,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010.02.26 09:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010.02.25 04:27:00 | 000,098,928 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\JME.sys -- (JME)
DRV - [2010.02.02 23:36:34 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2010.01.18 10:45:00 | 000,514,104 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2009.09.17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009.08.18 09:23:28 | 000,119,408 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2009.07.20 10:29:40 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.02 17:36:10 | 000,013,880 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2009.06.18 12:18:00 | 000,015,416 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2009.06.05 11:14:42 | 001,766,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009.05.13 09:06:48 | 000,014,392 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.05.23 17:25:42 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.08.03 05:26:22 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.02.16 01:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2005.02.11 10:19:20 | 000,055,216 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... earchTerms}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - No CLSID value found
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvli ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb ... earchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{BCCD1ADC-E5B2-4951-956C-8D8F37D93805}: "URL" = http://websearch.ask.com/redirect?clien ... 9637F36F00
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..extensions.enabledAddons: eurotranxp2%40microton.cz:3.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B740B3FD5-4483-469D-BE7F-8555B153BD04%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Pc\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.03.08 11:34:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.11.19 11:44:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.24 18:08:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.25 12:43:12 | 000,000,000 | ---D | M]

[2012.09.02 15:26:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Extensions
[2013.03.25 11:56:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions
[2012.08.10 07:46:55 | 000,000,000 | ---D | M] (Eurotran XP) -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\extensions\eurotranxp2@microton.cz
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\lgukl0qb.default\searchplugins\BearShareWebSearch.xml
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
[2013.03.08 11:34:20 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2013.03.24 18:08:39 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.12.17 18:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npkimi.dll
[2012.11.11 10:21:52 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010.09.14 13:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2012.08.08 18:27:36 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.08 18:27:36 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.12.03 19:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2012.08.08 18:27:36 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.08 18:27:36 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.08 18:27:36 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Pc\AppData\Local\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: avast! WebRep = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\Toolbar\WebBrowser: (no name) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CloneCDTray] C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found
O4 - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [NetSetMan] C:\Program Files\NetSetMan\netsetman.exe (Ilja Herlein)
O4 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe (Lingea)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ECC263B0-256C-47D1-B23C-06CAE9BDC13A}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell\AutoRun\command - "" = E:\InstAll.exe
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell - "" = AutoRun
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell\AutoRun\command - "" = F:\Startme.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Kód: Vybrat vše

CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (http://www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
 
[color=#E56717]========== Files/Folders - Created Within 7 Days ==========[/color]
 
[2013.03.25 10:07:06 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.03.25 10:06:55 | 000,000,000 | ---D | C] -- C:\rsit
[2013.03.25 00:34:53 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2013.03.25 00:34:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.03.25 00:22:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013.03.24 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ESET
[2013.03.24 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ESET
[2013.03.24 18:18:50 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2013.03.23 18:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.03.23 18:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.03.23 18:10:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RonyaSoft
[2013.03.23 15:44:52 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 15:44:20 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\Programs
[2013.03.23 14:39:03 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.23 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.23 14:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
[2013.03.23 14:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\PCFix
[2013.03.23 14:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\BasicServe
[2013.03.23 13:41:11 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71U.DLL
[2013.03.23 13:41:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ATL71.DLL
[2013.03.23 13:41:10 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFC71.DLL
[2008.08.11 21:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files\Common Files\MSIactionall.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 7 Days ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.25 13:02:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:49:06 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.25 12:48:58 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 12:48:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.25 12:48:38 | 1494,663,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.25 12:31:01 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2013.03.25 05:21:01 | 000,001,294 | ---- | M] () -- C:\Windows\System32\ServiceFilter.ini
[2013.03.25 05:20:00 | 000,002,228 | ---- | M] () -- C:\Windows\System32\AutoRunFilter.ini
[2013.03.24 19:31:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2013.03.24 17:17:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.03.24 17:17:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.03.24 09:07:11 | 000,000,173 | ---- | M] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 19:37:18 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.03.23 14:34:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Pc.job
[2013.03.21 20:16:44 | 000,631,428 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.03.21 20:16:44 | 000,616,144 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.03.21 20:16:44 | 000,122,050 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.03.21 20:16:44 | 000,106,524 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013.03.25 13:06:07 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.24 09:07:11 | 000,000,173 | ---- | C] () -- C:\Users\Pc\Desktop\Seznam – Najdu tam, co neznám.url
[2013.03.23 15:16:00 | 003,712,785 | ---- | C] () -- C:\Users\Pc\Desktop\Josef Vágner - Mě sílu Dáš - text.mp3
[2013.03.23 14:34:14 | 000,000,925 | ---- | C] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.03 12:11:55 | 000,001,017 | ---- | C] () -- C:\Users\Pc\Obrázky – zástupce.lnk
[2013.03.01 12:27:30 | 000,164,736 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.03.01 12:27:27 | 000,049,248 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2012.12.19 00:19:21 | 000,001,480 | ---- | C] () -- C:\Users\Pc\AppData\Local\Adobe Uložit pro web 13.0 Prefs
[2012.03.10 07:40:26 | 004,901,879 | ---- | C] () -- C:\Users\Pc\You Raise me Up (Instrumental) - YouTube2.mp3
[2012.01.28 15:53:15 | 012,450,907 | ---- | C] () -- C:\Users\Pc\Generace Víry - křest - YouTube.flv
[2012.01.15 15:30:17 | 000,000,044 | ---- | C] () -- C:\Users\Pc\El shadaj.cda
[2011.12.28 11:59:08 | 020,555,989 | ---- | C] () -- C:\Users\Pc\svetem_bible_rudna.pdf
[2011.06.07 17:15:42 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.06.07 17:15:38 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.02.05 10:36:12 | 000,025,600 | ---- | C] () -- C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.23 18:21:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 11:21:19 | 000,000,091 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.04.08 10:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 08:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2013.03.23 16:13:55 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 14:39:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.24 18:26:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2011.01.16 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GHISLER
[2011.01.14 10:58:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\IrfanView
[2011.01.14 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Maxthon2
[2013.03.24 17:13:45 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.25 12:55:04 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2011.09.28 07:21:30 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SlySoft
[2012.12.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.03.25 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2011.05.15 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Uniblue
[2011.07.22 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XMedia Recode
[2011.01.16 12:27:07 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Zoner
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#A23BEC]<  >[/color]
[2009.07.14 05:53:46 | 000,032,592 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2011.01.23 12:40:18 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2011.01.23 12:40:18 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.08 07:06:34 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 08:19:59 | 000,000,898 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2012.09.28 08:19:59 | 000,000,950 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2012.11.11 10:23:24 | 000,000,430 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
[color=#A23BEC]< MD5 for: AUTOCHK.EXE  >[/color]
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
[color=#A23BEC]< MD5 for: HAL.DLL  >[/color]
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
 
[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 13:43
od lenishine
2. část

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\System32\drivers\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\01360922840d7c6ce3a9aa6d43962989\*.tmp files -> C:\Windows\SoftwareDistribution\Download\01360922840d7c6ce3a9aa6d43962989\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1732a825c1f2d4ae479f55d1b09ae726\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1732a825c1f2d4ae479f55d1b09ae726\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1b159531194e903aea1b85efef8125b9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1b159531194e903aea1b85efef8125b9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c26b18ba9c417242a6008b4ed02ef0a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c26b18ba9c417242a6008b4ed02ef0a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2e8dacc393d19b898a74d979ed274d7c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2e8dacc393d19b898a74d979ed274d7c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\35886d0ea6a9e82821dd05aad9d81833\*.tmp files -> C:\Windows\SoftwareDistribution\Download\35886d0ea6a9e82821dd05aad9d81833\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3b21a2d3980465e5aa37f352f7f9663e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3b21a2d3980465e5aa37f352f7f9663e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\41532b9387d7ff5a0a81e9b6b9f194ca\*.tmp files -> C:\Windows\SoftwareDistribution\Download\41532b9387d7ff5a0a81e9b6b9f194ca\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4b7a6ce537d1e1ce14de264d52ac696f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4b7a6ce537d1e1ce14de264d52ac696f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\529152c0644754df5337cc21062af233\*.tmp files -> C:\Windows\SoftwareDistribution\Download\529152c0644754df5337cc21062af233\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\53e4bb327beb637327d42c92ecf937de\*.tmp files -> C:\Windows\SoftwareDistribution\Download\53e4bb327beb637327d42c92ecf937de\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5be6b04a4615e8f2a90777bfc5f46bdf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5be6b04a4615e8f2a90777bfc5f46bdf\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\70ca0f204ea8445a319c8f21281c5ca7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\70ca0f204ea8445a319c8f21281c5ca7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7350d93a33159626f8ebc26cb42db96c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7350d93a33159626f8ebc26cb42db96c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8248daf1ccc06809e2db1aaa4c25e516\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8248daf1ccc06809e2db1aaa4c25e516\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\890c6f6a1ee4c089bc7cf467298ccc36\*.tmp files -> C:\Windows\SoftwareDistribution\Download\890c6f6a1ee4c089bc7cf467298ccc36\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\90b55a0275f670c60e11f0a6bd0e94bc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\90b55a0275f670c60e11f0a6bd0e94bc\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\984860bf1203e1b4a15ae0974b462080\*.tmp files -> C:\Windows\SoftwareDistribution\Download\984860bf1203e1b4a15ae0974b462080\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a3f5bfb22f349383c8dc3adf0dae0086\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a3f5bfb22f349383c8dc3adf0dae0086\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b10fbc602838099101a505ed9b31eae9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b10fbc602838099101a505ed9b31eae9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b9daabc24286b9ac9ba052d7aa0af88b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b9daabc24286b9ac9ba052d7aa0af88b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bd1f89a697bb7eeae50b63a0bf5be5ec\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bd1f89a697bb7eeae50b63a0bf5be5ec\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\cadfd73a978beb54e8ac84ec9a4cf99b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cadfd73a978beb54e8ac84ec9a4cf99b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ce93fdf8ad8d8869f7d094ec55013753\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ce93fdf8ad8d8869f7d094ec55013753\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\efc432a414361e2a3620ff1022a9ac0a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\efc432a414361e2a3620ff1022a9ac0a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f00a766bf761586522934add2d917cda\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f00a766bf761586522934add2d917cda\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.12.19 00:18:40 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Adobe
[2011.08.07 14:33:37 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Apple Computer
[2013.03.23 16:13:55 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Audacity
[2013.03.23 14:39:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Avnex
[2013.03.24 18:26:46 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\ESET
[2011.01.16 12:24:59 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\GHISLER
[2011.01.14 09:42:09 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Identities
[2011.01.14 09:47:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\InstallShield
[2011.01.14 10:58:03 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\IrfanView
[2011.01.14 10:54:32 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Macromedia
[2011.01.14 10:53:41 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Maxthon2
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Media Center Programs
[2013.03.10 23:19:30 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Media Player Classic
[2013.03.24 18:15:14 | 000,000,000 | --SD | M] -- C:\Users\Pc\AppData\Roaming\Microsoft
[2011.01.21 21:17:58 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Mozilla
[2011.06.23 19:47:40 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Nero
[2013.03.24 17:13:45 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\PCFix
[2012.12.18 19:50:31 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Real
[2012.11.11 10:18:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\RealNetworks
[2013.03.25 12:55:04 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Seznam.cz
[2013.03.25 12:06:01 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Skype
[2011.08.08 05:02:52 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\skypePM
[2011.09.28 07:21:30 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\SlySoft
[2012.12.18 22:31:23 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.03.25 00:34:53 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\TuneUp Software
[2011.05.15 19:45:10 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Uniblue
[2011.01.16 12:25:51 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\WinRAR
[2011.07.22 17:37:12 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\XMedia Recode
[2011.01.16 12:27:07 | 000,000,000 | ---D | M] -- C:\Users\Pc\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2013.03.14 08:27:15 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Pc\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.12.21 13:08:16 | 003,806,624 | ---- | M] (Maxthon International ltd.) -- C:\Users\Pc\AppData\Roaming\Maxthon2\Maxthon.exe
[2010.12.20 11:30:26 | 000,341,424 | ---- | M] (Maxthon International ltd.) -- C:\Users\Pc\AppData\Roaming\Maxthon2\Mx2UnInstall.exe
[2010.09.14 06:05:32 | 000,169,368 | ---- | M] (Maxthon International ltd.) -- C:\Users\Pc\AppData\Roaming\Maxthon2\MxCrashReport.exe
[2010.05.19 12:59:04 | 000,673,024 | ---- | M] (Maxthon International ltd.) -- C:\Users\Pc\AppData\Roaming\Maxthon2\Modules\MxDownloader\MxDownloadServer.exe
[2010.05.19 12:59:04 | 000,181,656 | ---- | M] (Maxthon International ltd.) -- C:\Users\Pc\AppData\Roaming\Maxthon2\Modules\MxUpdate\MxUp.exe
[2012.09.24 19:53:19 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012.09.24 19:53:19 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe
[2012.09.25 18:22:20 | 027,433,440 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\stub_data\RealPlayer.exe
[2012.09.25 18:21:16 | 000,760,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Pc\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\stub_exe\RealPlayer.exe
[2012.09.13 14:24:48 | 001,009,288 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe
[2012.09.14 13:06:28 | 002,515,592 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.02.13 15:16:08 | 000,942,080 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
[2013.01.22 13:55:12 | 000,456,696 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2012.05.04 09:41:02 | 002,330,136 | ---- | M] () -- C:\Users\Pc\AppData\Roaming\Seznam.cz\install\sznsetup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.03.25 12:49:06 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.25 12:48:58 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 13:02:03 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.03.24 19:31:03 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2013.03.25 13:31:05 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 12:56:24 | 000,014,416 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.25 05:20:00 | 000,002,228 | ---- | M] () -- C:\Windows\system32\AutoRunFilter.ini
[2013.03.23 19:37:18 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2013.03.24 17:17:00 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2013.03.24 17:17:00 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2013.03.25 12:48:58 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2013.03.25 05:21:01 | 000,001,294 | ---- | M] () -- C:\Windows\system32\ServiceFilter.ini

< %SYSTEMDRIVE%\*.exe >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"AnyDVD" = C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe -- [2011.01.13 14:06:11 | 004,800,120 | ---- | M] (SlySoft, Inc.)
"NetSetMan" = C:\Program Files\NetSetMan\netsetman.exe -- [2011.02.20 22:26:54 | 004,301,576 | ---- | M] (Ilja Herlein)
"RegistryBooster" = "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000
"Google Update" = "C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.09.23 16:50:47 | 000,116,648 | ---- | M] (Google Inc.)
"AdobeBridge" =
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.01.08 12:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)
"cz.seznam.software.autoupdate" = "C:\Users\Pc\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2012.09.13 14:24:48 | 001,009,288 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.03.24 18:08:38 | 000,917,400 | ---- | M] (Mozilla Corporation) MD5=D7826A7440444F40E0406CF37FD2FA88 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.20 13:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 /code] >
Invalid Switch: code]

< >

========== Files - Unicode (All) ==========
[2011.12.31 22:38:13 | 000,000,000 | ---D | M](C:\Users\Pc\Heritage Singers Tour 2009?) -- C:\Users\Pc\Heritage Singers Tour 2009
[2011.12.31 22:38:13 | 000,000,000 | ---D | M](C:\Users\Pc\Heritage Singers Tour 2009?) -- C:\Users\Pc\Heritage Singers Tour 2009
(C:\Users\Pc\Heritage Singers Tour 2009?) -- C:\Users\Pc\Heritage Singers Tour 2009

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Re: nechtěná delta-search.com

Napsal: 25 bře 2013 22:45
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\ipswuio.sys -- (ipswuio)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... &keywords={searchTerms}
IE - HKU\S-1-5-18\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=BASICSER ... &keywords={searchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - No CLSID value found
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvlink&sp=&keywords={searchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/web?src=ieb&systemid=2&q={searchTerms}
IE - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\SearchScopes\{BCCD1ADC-E5B2-4951-956C-8D8F37D93805}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=EA76F14A-1BAD-4152-BD75-9510CAB5A236&apn_sauid=754BB833-16BD-48D9-9A67-969637F36F00
[2013.03.23 19:02:07 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\Mozilla Firefox\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2162017213-3262929745-4257483338-1000\..\Toolbar\WebBrowser: (no name) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe File not found
O13 - gopher Prefix: missing
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{30e118f6-1fb9-11e0-a334-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f0e4d3e1-83ac-11e0-aafc-20cf305dd4b1}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell - "" = AutoRun
[2013.03.25 00:34:15 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.03.24 19:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2013.03.24 18:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\ESET
[2013.03.24 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Local\ESET
[2013.03.23 18:33:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.03.23 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\Pc\AppData\Roaming\PCFix
[2013.03.23 14:34:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Fix 2011 Registry Cleaner
[2013.03.23 14:34:12 | 000,000,000 | ---D | C] -- C:\Program Files\PCFix
[2013.03.23 14:34:14 | 000,000,925 | ---- | M] () -- C:\Users\Public\Desktop\PC Fix 2011.lnk
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Pc.job
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\01360922840d7c6ce3a9aa6d43962989\*.tmp files -> C:\Windows\SoftwareDistribution\Download\01360922840d7c6ce3a9aa6d43962989\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1732a825c1f2d4ae479f55d1b09ae726\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1732a825c1f2d4ae479f55d1b09ae726\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1b159531194e903aea1b85efef8125b9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1b159531194e903aea1b85efef8125b9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c26b18ba9c417242a6008b4ed02ef0a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c26b18ba9c417242a6008b4ed02ef0a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2e8dacc393d19b898a74d979ed274d7c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2e8dacc393d19b898a74d979ed274d7c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\35886d0ea6a9e82821dd05aad9d81833\*.tmp files -> C:\Windows\SoftwareDistribution\Download\35886d0ea6a9e82821dd05aad9d81833\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\3b21a2d3980465e5aa37f352f7f9663e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3b21a2d3980465e5aa37f352f7f9663e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\41532b9387d7ff5a0a81e9b6b9f194ca\*.tmp files -> C:\Windows\SoftwareDistribution\Download\41532b9387d7ff5a0a81e9b6b9f194ca\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\4b7a6ce537d1e1ce14de264d52ac696f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\4b7a6ce537d1e1ce14de264d52ac696f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\529152c0644754df5337cc21062af233\*.tmp files -> C:\Windows\SoftwareDistribution\Download\529152c0644754df5337cc21062af233\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\53e4bb327beb637327d42c92ecf937de\*.tmp files -> C:\Windows\SoftwareDistribution\Download\53e4bb327beb637327d42c92ecf937de\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5be6b04a4615e8f2a90777bfc5f46bdf\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5be6b04a4615e8f2a90777bfc5f46bdf\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\70ca0f204ea8445a319c8f21281c5ca7\*.tmp files -> C:\Windows\SoftwareDistribution\Download\70ca0f204ea8445a319c8f21281c5ca7\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7350d93a33159626f8ebc26cb42db96c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7350d93a33159626f8ebc26cb42db96c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\8248daf1ccc06809e2db1aaa4c25e516\*.tmp files -> C:\Windows\SoftwareDistribution\Download\8248daf1ccc06809e2db1aaa4c25e516\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\890c6f6a1ee4c089bc7cf467298ccc36\*.tmp files -> C:\Windows\SoftwareDistribution\Download\890c6f6a1ee4c089bc7cf467298ccc36\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\90b55a0275f670c60e11f0a6bd0e94bc\*.tmp files -> C:\Windows\SoftwareDistribution\Download\90b55a0275f670c60e11f0a6bd0e94bc\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\984860bf1203e1b4a15ae0974b462080\*.tmp files -> C:\Windows\SoftwareDistribution\Download\984860bf1203e1b4a15ae0974b462080\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\a3f5bfb22f349383c8dc3adf0dae0086\*.tmp files -> C:\Windows\SoftwareDistribution\Download\a3f5bfb22f349383c8dc3adf0dae0086\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b10fbc602838099101a505ed9b31eae9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b10fbc602838099101a505ed9b31eae9\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\b9daabc24286b9ac9ba052d7aa0af88b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\b9daabc24286b9ac9ba052d7aa0af88b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\bd1f89a697bb7eeae50b63a0bf5be5ec\*.tmp files -> C:\Windows\SoftwareDistribution\Download\bd1f89a697bb7eeae50b63a0bf5be5ec\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\cadfd73a978beb54e8ac84ec9a4cf99b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cadfd73a978beb54e8ac84ec9a4cf99b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ce93fdf8ad8d8869f7d094ec55013753\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ce93fdf8ad8d8869f7d094ec55013753\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\efc432a414361e2a3620ff1022a9ac0a\*.tmp files -> C:\Windows\SoftwareDistribution\Download\efc432a414361e2a3620ff1022a9ac0a\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f00a766bf761586522934add2d917cda\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f00a766bf761586522934add2d917cda\*.tmp -> ]
[2013.03.25 12:49:06 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.03.25 12:48:58 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.25 13:02:03 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.03.24 19:31:03 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000Core.job
[2013.03.25 13:31:05 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2162017213-3262929745-4257483338-1000UA.job
[2013.03.23 14:10:22 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Pc.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"=-
"VirtualCloneDrive"=-
"CloneCDTray"=-
"GrooveMonitor"=-
"QuickTime Task"=-
"Adobe ARM"=-
""=-
"ApnUpdater"=-
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS6ServiceManager"=-
"PCFix"=-
"AVG_UI"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"=-
"NetSetMan"=-
"RegistryBooster"=-
"Google Update"=-
"AdobeBridge"=-
"Skype"=-
"cz.seznam.software.autoupdate"=-
"SpybotSD TeaTimer"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz