
Log check

Have a virus problem? Paste your FRST or RSIT log here.

KAREL.CZ
Visitor
Posts: 57
Registered: 05 May 2006 15:40

Log check

#1 Post by KAREL.CZ »

Hello, please check my log. Starting yesterday, when I click on pages, I don't get the page itself but a prompt telling me to click on something, which I don't do. I close it and start again and it works again, but this happens several times a day.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Karel at 2013-09-27 19:33:40
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 858 GB (90%) free of 954 GB
Total RAM: 3198 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:52, on 27.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\DAODx.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Mumble\mumble.exe
C:\Games\World_of_Tanks\WorldOfTanks.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Karel\Desktop\RSIT.exe
C:\Program Files\trend micro\Karel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll
O2 - BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files\LemurLeap\LemurLeapbho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [AppsHat] C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: DokanMounter - Unknown owner - C:\Program Files\Dokan\DokanLibrary\mounter.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Update LemurLeap - LemurLeap - C:\Program Files\LemurLeap\updateLemurLeap.exe

--
End of file - 5458 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\
{97A78363-B868-4B48-AC91-A783A31215AF}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{415419c3-dad0-4df1-ac37-22c72ad81878}]
LemurLeap - C:\Program Files\LemurLeap\LemurLeapbho.dll [2013-08-31 149280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
MinibarBHO - C:\Program Files\Minibar\Minibar.dll [2013-02-26 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-30 98304]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"cz.seznam.software.autoupdate"=C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"AppsHat"=C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [2012-10-26 202752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe [2013-08-06 814984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-09-27 19:33:41 ----D---- C:\Program Files\trend micro
2013-09-27 19:33:40 ----D---- C:\rsit
2013-09-19 17:07:58 ----D---- C:\Users\Karel\AppData\Roaming\Mumble
2013-09-19 17:06:35 ----D---- C:\Program Files\Mumble
2013-09-12 13:20:13 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-09-12 13:20:13 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-09-12 13:20:13 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-09-12 13:06:09 ----D---- C:\Program Files\Atari
2013-09-12 12:41:37 ----D---- C:\HRY
2013-09-12 12:37:31 ----D---- C:\Program Files\LemurLeap
2013-09-12 12:37:24 ----D---- C:\Program Files\Minibar
2013-09-12 12:37:18 ----D---- C:\Program Files\Seznam.cz
2013-09-12 12:37:06 ----D---- C:\Users\Karel\AppData\Roaming\Seznam.cz
2013-09-12 12:35:44 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-09-12 12:35:42 ----D---- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
2013-09-12 12:35:40 ----D---- C:\Program Files\DAEMON Tools Lite
2013-09-12 12:35:03 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-09-12 12:28:31 ----D---- C:\Program Files\Elaborate Bytes
2013-09-12 12:24:06 ----D---- C:\Program Files\Common Files\EZB Systems
2013-09-12 12:24:05 ----D---- C:\Program Files\UltraISO
2013-09-12 12:20:17 ----D---- C:\Program Files\Free Create-Burn ISO Image
2013-09-12 12:20:17 ----A---- C:\Windows\system32\WNASPI32.DLL
2013-09-12 12:20:17 ----A---- C:\Windows\system32\drivers\ASPI32.SYS
2013-09-12 12:00:14 ----A---- C:\Windows\system32\drivers\sptd8973.sys
2013-09-12 12:00:14 ----A---- C:\Windows\system32\drivers\sptd.sys
2013-09-12 09:24:09 ----D---- C:\Games
2013-09-12 09:05:25 ----D---- C:\Program Files\Dokan
2013-09-11 14:42:48 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 14:42:47 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 14:42:47 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 14:42:47 ----A---- C:\Windows\system32\iesetup.dll
2013-09-11 14:42:46 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 14:42:42 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 14:42:42 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 14:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 14:42:42 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-11 14:42:42 ----A---- C:\Windows\system32\iernonce.dll
2013-09-11 14:42:42 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-11 14:42:41 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 14:42:40 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 14:42:39 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 14:42:37 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 12:25:33 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 12:25:33 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-11 12:25:32 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 12:25:31 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 12:25:30 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 12:25:30 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 12:25:30 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 12:25:30 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 12:25:30 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 12:25:30 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 12:25:30 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 12:25:30 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 12:25:30 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 12:25:30 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 12:25:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 12:25:28 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 12:25:28 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 12:25:28 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

======List of files/folders modified in the last 1 month======

2013-09-27 19:33:52 ----D---- C:\Windows\Prefetch
2013-09-27 19:33:44 ----D---- C:\Windows\Temp
2013-09-27 19:33:41 ----RD---- C:\Program Files
2013-09-27 19:28:20 ----D---- C:\Windows\System32
2013-09-27 19:28:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-27 19:28:19 ----D---- C:\Windows\inf
2013-09-27 11:40:51 ----D---- C:\Windows\system32\config
2013-09-25 14:19:13 ----D---- C:\FILM
2013-09-24 12:55:51 ----SHD---- C:\System Volume Information
2013-09-21 23:58:49 ----D---- C:\Users\Karel\AppData\Roaming\TS3Client
2013-09-20 14:58:15 ----D---- C:\Windows\system32\Tasks
2013-09-20 14:58:12 ----D---- C:\Windows
2013-09-19 17:07:24 ----SHD---- C:\Windows\Installer
2013-09-14 01:16:32 ----D---- C:\Windows\system32\catroot2
2013-09-14 00:12:49 ----D---- C:\Windows\system32\directx
2013-09-12 13:20:05 ----RSD---- C:\Windows\assembly
2013-09-12 12:35:54 ----D---- C:\Windows\system32\drivers
2013-09-12 12:35:53 ----D---- C:\Windows\system32\catroot
2013-09-12 12:35:52 ----D---- C:\Windows\system32\DriverStore
2013-09-12 12:35:03 ----HD---- C:\ProgramData
2013-09-12 12:24:06 ----D---- C:\Program Files\Common Files
2013-09-11 20:58:00 ----D---- C:\Windows\rescache
2013-09-11 20:00:37 ----D---- C:\Windows\Microsoft.NET
2013-09-11 17:24:15 ----D---- C:\Windows\winsxs
2013-09-11 17:22:16 ----D---- C:\Program Files\Internet Explorer
2013-09-11 17:22:14 ----D---- C:\Windows\system32\cs-CZ
2013-09-11 14:42:17 ----D---- C:\Windows\system32\MRT
2013-09-11 14:41:24 ----A---- C:\Windows\system32\MRT.exe
2013-09-11 09:16:51 ----SD---- C:\ProgramData\Microsoft
2013-08-30 09:47:32 ----A---- C:\Windows\system32\aswBoot.exe
2013-08-30 02:01:21 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 177864]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-08-30 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 56080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-12 243128]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 30616]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2010-01-29 82320]
R2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
R2 Dokan;Dokan; \??\C:\Windows\system32\drivers\dokan.sys [2011-01-10 95744]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-09-29 6472192]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-29 228352]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2013-03-11 30208]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-09-12 643072]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-03-09 2116480]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-29 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DokanMounter;DokanMounter; C:\Program Files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 Update LemurLeap;Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [2013-08-31 206624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-07 1343400]

Rudy
Site Admin
Posts: 119530
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#2 Post by Rudy »

Hello!
How do things stand with the legality of your OS?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

KAREL.CZ
Visitor
Posts: 57
Registered: 05 May 2006 15:40

Re: Log check

#3 Post by KAREL.CZ »

Yes, I have one.

Rudy
Site Admin
Posts: 119530
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#4 Post by Rudy »

OK.
Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "For all users", "LOP malware check" and "PURITY malware check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Scan<.

KAREL.CZ
Visitor
Posts: 57
Registered: 05 May 2006 15:40

Re: Log check

#5 Post by KAREL.CZ »

Computer Name: KAREL-PC | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.09.27 21:15:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Downloads\OTL.exe
PRC - [2013.09.04 20:10:18 | 015,851,888 | ---- | M] (Wargaming.net) -- C:\Games\World_of_Tanks\WorldOfTanks.exe
PRC - [2013.08.31 09:36:52 | 000,206,624 | ---- | M] (LemurLeap) -- C:\Program Files\LemurLeap\updateLemurLeap.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.08.17 11:00:53 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.08.09 02:39:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013.06.01 23:26:50 | 005,611,528 | ---- | M] (Thorvald Natvig) -- C:\Program Files\Mumble\mumble.exe
PRC - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
PRC - [2012.10.26 08:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
PRC - [2012.09.28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.10 14:49:20 | 000,014,848 | ---- | M] () -- C:\Program Files\Dokan\DokanLibrary\mounter.exe
PRC - [2010.09.29 03:51:26 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.09.29 03:50:58 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.04.27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2009.03.30 08:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe


========== Modules (No Company Name) ==========

MOD - [2013.09.19 17:08:22 | 000,037,384 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\insurgency.dll
MOD - [2013.09.19 17:08:22 | 000,032,264 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\ut99.dll
MOD - [2013.09.19 17:08:22 | 000,024,584 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\wolfet.dll
MOD - [2013.09.19 17:08:22 | 000,022,536 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\gw.dll
MOD - [2013.09.19 17:08:22 | 000,021,000 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\gtaiv.dll
MOD - [2013.09.19 17:08:21 | 000,038,920 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\bf3.dll
MOD - [2013.09.19 17:08:21 | 000,038,920 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\bf2.dll
MOD - [2013.09.19 17:08:21 | 000,037,384 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\gmod.dll
MOD - [2013.09.19 17:08:21 | 000,036,872 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\aoc.dll
MOD - [2013.09.19 17:08:21 | 000,031,752 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\l4d2.dll
MOD - [2013.09.19 17:08:21 | 000,023,560 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\borderlands.dll
MOD - [2013.09.19 17:08:21 | 000,022,536 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\l4d.dll
MOD - [2013.09.19 17:08:21 | 000,022,536 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\etqw.dll
MOD - [2013.09.19 17:08:21 | 000,022,536 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\borderlands2.dll
MOD - [2013.09.19 17:08:21 | 000,022,024 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\cs.dll
MOD - [2013.09.19 17:08:21 | 000,022,024 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\blacklight.dll
MOD - [2013.09.19 17:08:21 | 000,020,488 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\ut2004.dll
MOD - [2013.09.19 17:08:21 | 000,020,488 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\breach.dll
MOD - [2013.09.19 17:08:21 | 000,020,488 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\bfheroes.dll
MOD - [2013.09.19 17:08:21 | 000,020,488 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\bfbc2.dll
MOD - [2013.09.19 17:08:21 | 000,020,488 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\bf1942.dll
MOD - [2013.09.19 17:08:21 | 000,020,488 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\arma2.dll
MOD - [2013.09.19 17:08:21 | 000,019,976 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\sr.dll
MOD - [2013.09.19 17:08:21 | 000,018,952 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Mumble\Plugins\link.dll
MOD - [2013.09.11 17:24:45 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013.09.11 17:24:39 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013.09.04 20:10:18 | 000,327,680 | ---- | M] () -- C:\Games\World_of_Tanks\voip.dll
MOD - [2013.09.04 20:10:18 | 000,321,520 | ---- | M] () -- C:\Games\World_of_Tanks\ortp.dll
MOD - [2013.09.04 20:10:18 | 000,270,336 | ---- | M] () -- C:\Games\World_of_Tanks\libcurl.dll
MOD - [2013.08.17 11:00:52 | 003,551,640 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.08.15 00:07:58 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013.08.15 00:07:53 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.08.15 00:07:40 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.08.15 00:07:37 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013.08.15 00:07:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.08.09 09:46:58 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.08.09 02:56:18 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013.06.01 23:27:00 | 000,106,504 | ---- | M] () -- C:\Program Files\Mumble\zlib1.dll
MOD - [2013.06.01 23:26:58 | 000,071,176 | ---- | M] () -- C:\Program Files\Mumble\plugins\manual.dll
MOD - [2013.06.01 23:26:54 | 000,219,144 | ---- | M] () -- C:\Program Files\Mumble\opus.dll
MOD - [2013.06.01 23:26:54 | 000,167,432 | ---- | M] () -- C:\Program Files\Mumble\speex.dll
MOD - [2013.06.01 23:26:54 | 000,073,224 | ---- | M] () -- C:\Program Files\Mumble\celt0.0.7.0.sse2.dll
MOD - [2013.06.01 23:26:52 | 000,133,640 | ---- | M] () -- C:\Program Files\Mumble\mumble_ol.dll
MOD - [2013.06.01 23:26:52 | 000,089,096 | ---- | M] () -- C:\Program Files\Mumble\celt0.0.11.0.sse2.dll
MOD - [2013.06.01 22:23:04 | 000,031,816 | ---- | M] () -- C:\Program Files\Mumble\plugins\wow.dll
MOD - [2013.06.01 22:23:04 | 000,023,624 | ---- | M] () -- C:\Program Files\Mumble\plugins\sto.dll
MOD - [2013.06.01 22:23:04 | 000,022,600 | ---- | M] () -- C:\Program Files\Mumble\plugins\lotro.dll
MOD - [2013.06.01 22:23:04 | 000,021,064 | ---- | M] () -- C:\Program Files\Mumble\plugins\ut3.dll
MOD - [2013.06.01 22:23:02 | 000,037,960 | ---- | M] () -- C:\Program Files\Mumble\plugins\dys.dll
MOD - [2013.06.01 22:23:02 | 000,023,112 | ---- | M] () -- C:\Program Files\Mumble\plugins\lol.dll
MOD - [2013.06.01 22:23:02 | 000,020,552 | ---- | M] () -- C:\Program Files\Mumble\plugins\jc2.dll
MOD - [2013.06.01 22:23:00 | 000,023,624 | ---- | M] () -- C:\Program Files\Mumble\plugins\cod4.dll
MOD - [2013.06.01 22:23:00 | 000,021,064 | ---- | M] () -- C:\Program Files\Mumble\plugins\codmw2so.dll
MOD - [2013.06.01 22:23:00 | 000,021,064 | ---- | M] () -- C:\Program Files\Mumble\plugins\codmw2.dll
MOD - [2013.06.01 22:23:00 | 000,021,064 | ---- | M] () -- C:\Program Files\Mumble\plugins\cod5.dll
MOD - [2013.06.01 22:23:00 | 000,021,064 | ---- | M] () -- C:\Program Files\Mumble\plugins\cod2.dll
MOD - [2013.06.01 22:22:58 | 000,022,600 | ---- | M] () -- C:\Program Files\Mumble\plugins\bf2142.dll
MOD - [2013.04.24 12:31:42 | 000,081,992 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\libchinst.dll
MOD - [2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
MOD - [2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\610libfoxloader.dll
MOD - [2013.03.25 16:39:52 | 000,894,968 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
MOD - [2012.12.16 23:22:04 | 004,002,304 | ---- | M] () -- C:\Program Files\Mumble\libmysql.dll
MOD - [2012.10.26 08:49:04 | 000,202,752 | ---- | M] () -- C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
MOD - [2011.07.13 22:27:46 | 002,304,512 | ---- | M] () -- C:\Program Files\Mumble\libsndfile-1.dll
MOD - [2010.11.13 03:54:29 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.11.13 03:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:53:33 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.09.30 22:36:20 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.08.04 15:58:06 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.03.30 08:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
MOD - [2007.05.22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013.08.31 09:36:52 | 000,206,624 | ---- | M] (LemurLeap) [Auto | Running] -- C:\Program Files\LemurLeap\updateLemurLeap.exe -- (Update LemurLeap)
SRV - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.08.17 11:00:52 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.08.07 01:38:18 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2011.01.10 14:49:20 | 000,014,848 | ---- | M] () [Auto | Running] -- C:\Program Files\Dokan\DokanLibrary\mounter.exe -- (DokanMounter)
SRV - [2010.09.29 03:50:58 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2013.09.12 12:35:44 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013.09.12 12:15:40 | 000,643,072 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.30 09:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.30 09:48:12 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013.08.30 09:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.01.10 14:49:28 | 000,095,744 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\System32\drivers\dokan.sys -- (Dokan)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.09.29 04:25:14 | 006,472,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.09.29 03:14:30 | 000,228,352 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.08.16 12:41:54 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.04.27 03:28:46 | 000,146,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010.04.27 03:27:50 | 000,064,904 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010.03.09 12:09:24 | 002,116,480 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.01.29 11:40:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009.07.16 05:36:30 | 000,013,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.07.17 08:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000\..\URLSearchHook: {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
IE - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B97A78363-B868-4B48-AC91-A783A31215AF%7D:2.0.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1497
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.09.20 14:58:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.08.06 14:41:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\Mozilla\Extensions
[2013.09.26 20:23:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions
[2013.09.12 12:37:25 | 000,000,000 | ---D | M] (AppsHat) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[2013.09.12 12:37:17 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.08.31 09:36:52 | 000,010,251 | ---- | M] () (No name found) -- C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\firefox@lemurleap.info.xpi
[2013.08.17 11:00:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.08.17 11:00:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.09.20 14:58:12 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (LemurLeap) - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files\LemurLeap\LemurLeapBHO.dll (LemurLeap)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (MinibarBHO) - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000..\Run: [AppsHat] C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe ()
O4 - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000..\Run: [cz.seznam.software.autoupdate] C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe ()
O4 - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000..\Run: [cz.seznam.software.szndesktop] C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe ()
O4 - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll (KangoExtensions)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9C34ED1-C21E-4B73-9490-A346DB5E9092}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012.11.27 10:25:25 | 000,000,069 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2011.01.14 13:30:08 | 000,052,736 | R--- | M] (Eden Games) - H:\AutoRun.exe -- [ UDF ]
O32 - AutoRun File - [2011.01.14 13:30:08 | 000,000,042 | R--- | M] () - H:\AutoRun.inf -- [ UDF ]
O33 - MountPoints2\{44273ccd-1b92-11e3-9e57-bcaec521c81a}\Shell - "" = AutoRun
O33 - MountPoints2\{44273ccd-1b92-11e3-9e57-bcaec521c81a}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- [2011.01.14 13:30:08 | 000,052,736 | R--- | M] (Eden Games)
O33 - MountPoints2\{d5859fe5-fe8d-11e2-8cab-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d5859fe5-fe8d-11e2-8cab-806e6f6e6963}\Shell\AutoRun\command - "" = D:\DinosaurRaceShore.exe -- [2012.12.07 03:19:13 | 020,381,552 | R--- | M] (Blit Inc. )
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\System32\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.09.27 19:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.09.27 19:33:40 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.19 17:07:58 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Mumble
[2013.09.19 17:07:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2013.09.19 17:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mumble
[2013.09.12 23:19:02 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Eden Games
[2013.09.12 23:17:25 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\CrashRpt
[2013.09.12 13:20:13 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2013.09.12 13:20:13 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2013.09.12 13:20:13 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2013.09.12 13:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[2013.09.12 13:06:09 | 000,000,000 | ---D | C] -- C:\Program Files\Atari
[2013.09.12 12:41:37 | 000,000,000 | ---D | C] -- C:\HRY
[2013.09.12 12:37:33 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Application Data
[2013.09.12 12:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\LemurLeap
[2013.09.12 12:37:27 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\WebPlayer
[2013.09.12 12:37:27 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\AppsHat Mobile Apps
[2013.09.12 12:37:27 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
[2013.09.12 12:37:24 | 000,000,000 | ---D | C] -- C:\Program Files\Minibar
[2013.09.12 12:37:23 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Minibar
[2013.09.12 12:37:18 | 000,000,000 | ---D | C] -- C:\Program Files\Seznam.cz
[2013.09.12 12:37:06 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Seznam.cz
[2013.09.12 12:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2013.09.12 12:35:44 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2013.09.12 12:35:42 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
[2013.09.12 12:35:40 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2013.09.12 12:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2013.09.12 12:28:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2013.09.12 12:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2013.09.12 12:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
[2013.09.12 12:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2013.09.12 12:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2013.09.12 12:24:05 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\My ISO Files
[2013.09.12 12:20:17 | 000,045,056 | ---- | C] (Adaptec) -- C:\Windows\System32\WNASPI32.DLL
[2013.09.12 12:20:17 | 000,016,877 | ---- | C] (Adaptec) -- C:\Windows\System32\drivers\ASPI32.SYS
[2013.09.12 12:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Create-Burn ISO Image
[2013.09.12 12:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Free Create-Burn ISO Image
[2013.09.12 12:00:14 | 000,643,072 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2013.09.12 12:00:14 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\sptd8973.sys
[2013.09.12 09:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2013.09.12 09:24:09 | 000,000,000 | ---D | C] -- C:\Games
[2013.09.12 09:05:25 | 000,000,000 | ---D | C] -- C:\Program Files\Dokan
[2013.09.11 14:42:48 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.09.11 14:42:47 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.09.11 14:42:47 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.09.11 14:42:47 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.09.11 14:42:46 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.09.11 14:42:42 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.09.11 14:42:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.09.11 14:42:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.09.11 14:42:42 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.09.11 14:42:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.09.11 12:25:32 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013.09.11 12:25:31 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.09.11 12:25:30 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.09.11 12:25:30 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.09.11 12:25:30 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.09.11 12:25:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.11 12:25:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.09.11 12:25:30 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.11 12:25:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.09.11 12:25:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.11 12:25:29 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.09.11 12:25:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.11 12:25:29 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.11 12:25:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.09.11 12:25:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.09.11 12:25:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.11 12:25:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.09.11 12:25:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.09.11 12:25:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013.09.11 09:28:02 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Diagnostics
[2013.09.10 11:49:31 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Dinosaur Race Files

========== Files - Modified Within 30 Days ==========

[2013.09.27 21:18:55 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.09.27 19:32:36 | 000,781,383 | ---- | M] () -- C:\Users\Karel\Desktop\RSIT.exe
[2013.09.27 19:28:20 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.09.27 19:28:20 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.09.27 19:28:20 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.09.27 19:28:20 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.09.27 11:48:44 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.27 11:48:44 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.27 11:41:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.27 11:41:33 | 2515,148,800 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.26 01:27:13 | 000,001,080 | ---- | M] () -- C:\Users\Karel\AppData\Local\SRDownloader.nast
[2013.09.25 13:45:16 | 001,236,890 | ---- | M] () -- C:\Users\Karel\Desktop\IMAG0088.jpg
[2013.09.25 13:44:54 | 001,216,774 | ---- | M] () -- C:\Users\Karel\Desktop\IMAG0087.jpg
[2013.09.20 14:58:14 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013.09.19 17:08:20 | 000,002,388 | ---- | M] () -- C:\Users\Karel\Documents\MumbleAutomaticCertificateBackup.p12
[2013.09.12 13:19:14 | 000,001,053 | ---- | M] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2013.09.12 12:37:27 | 000,002,110 | ---- | M] () -- C:\Users\Karel\Desktop\AppsHat.lnk
[2013.09.12 12:37:03 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013.09.12 12:35:44 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2013.09.12 12:29:04 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2013.09.12 12:24:07 | 000,000,969 | ---- | M] () -- C:\Users\Karel\Desktop\UltraISO.lnk
[2013.09.12 12:20:17 | 000,001,032 | ---- | M] () -- C:\Users\Karel\Desktop\Free Create-Burn ISO Image.lnk
[2013.09.12 12:15:40 | 000,140,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\sptd8973.sys
[2013.09.12 09:24:11 | 000,000,769 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.09.11 17:23:46 | 000,268,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.08.30 15:34:15 | 000,003,851 | ---- | M] () -- C:\Users\Karel\Desktop\pomůcky do 2.třídy 1-2.odt
[2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013.08.30 09:48:13 | 000,177,864 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013.08.30 09:48:12 | 000,061,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013.08.30 09:48:12 | 000,049,376 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013.08.30 09:47:40 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.08.30 09:47:32 | 000,229,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

========== Files Created - No Company Name ==========

[2013.09.27 21:18:55 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.27 19:32:32 | 000,781,383 | ---- | C] () -- C:\Users\Karel\Desktop\RSIT.exe
[2013.09.25 17:59:16 | 001,236,890 | ---- | C] () -- C:\Users\Karel\Desktop\IMAG0088.jpg
[2013.09.25 17:59:12 | 001,216,774 | ---- | C] () -- C:\Users\Karel\Desktop\IMAG0087.jpg
[2013.09.19 17:08:20 | 000,002,388 | ---- | C] () -- C:\Users\Karel\Documents\MumbleAutomaticCertificateBackup.p12
[2013.09.12 13:19:14 | 000,001,053 | ---- | C] () -- C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
[2013.09.12 12:37:27 | 000,002,110 | ---- | C] () -- C:\Users\Karel\Desktop\AppsHat.lnk
[2013.09.12 12:37:03 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2013.09.12 12:29:04 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2013.09.12 12:24:07 | 000,000,969 | ---- | C] () -- C:\Users\Karel\Desktop\UltraISO.lnk
[2013.09.12 12:20:17 | 000,001,032 | ---- | C] () -- C:\Users\Karel\Desktop\Free Create-Burn ISO Image.lnk
[2013.09.12 09:24:11 | 000,000,769 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.08.30 15:33:05 | 000,003,851 | ---- | C] () -- C:\Users\Karel\Desktop\pomůcky do 2.třídy 1-2.odt
[2013.08.08 22:23:06 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
[2013.08.08 22:23:05 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2013.08.08 22:23:05 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2013.08.08 22:23:02 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2013.08.07 17:28:20 | 000,000,924 | ---- | C] () -- C:\Users\Karel\AppData\Local\SRDownloader.err
[2013.08.07 16:34:52 | 000,001,080 | ---- | C] () -- C:\Users\Karel\AppData\Local\SRDownloader.nast
[2013.08.07 12:59:06 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2013.08.07 12:57:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2013.08.06 14:36:49 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum
[2013.08.06 14:36:49 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSP.sys.sum
[2013.08.06 14:36:49 | 000,000,175 | ---- | C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum
[2013.08.06 14:36:46 | 000,177,864 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013.08.06 14:36:45 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013.08.06 14:14:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2013.08.06 14:10:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.08.06 14:07:07 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2013.08.06 14:02:07 | 000,254,000 | ---- | C] () -- C:\Windows\System32\Audio3D.dll
[2013.08.06 14:02:07 | 000,254,000 | ---- | C] () -- C:\Windows\System32\A3D.dll
[2013.08.06 13:57:29 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.08.06 13:57:25 | 000,030,214 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.09.12 12:40:43 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
[2013.08.06 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\GHISLER
[2013.09.27 19:28:14 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mumble
[2013.09.27 11:46:58 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Seznam.cz
[2013.09.21 23:58:49 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TS3Client
[2013.08.06 15:54:46 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\wargaming.net

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,027,086 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 14:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 03:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 07:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013.01.04 06:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\System32\drivers\tcpip.sys
[2013.07.06 07:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 06:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2013.05.08 08:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 07:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2013.01.04 06:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013.05.08 07:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 18:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2012.10.03 18:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\fd26248a019c0d225d7060374d80c003\*.tmp files -> C:\Windows\SoftwareDistribution\Download\fd26248a019c0d225d7060374d80c003\*.tmp -> ]
[3585 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.08.06 14:48:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Adobe
[2013.08.06 14:10:45 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\ATI
[2013.09.12 12:40:43 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\DAEMON Tools Lite
[2013.08.06 14:58:30 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\GHISLER
[2013.08.06 13:53:28 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Identities
[2013.08.06 14:48:07 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Macromedia
[2009.07.14 11:20:06 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Media Center Programs
[2013.08.06 15:41:01 | 000,000,000 | --SD | M] -- C:\Users\Karel\AppData\Roaming\Microsoft
[2013.08.06 14:41:53 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mozilla
[2013.09.27 19:28:14 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Mumble
[2013.09.27 11:46:58 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Seznam.cz
[2013.09.21 23:58:49 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TS3Client
[2013.08.06 15:54:46 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\wargaming.net
[2013.08.13 21:15:56 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2013.04.29 12:53:34 | 000,045,560 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013.04.12 10:13:24 | 000,457,208 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013.04.12 10:10:22 | 000,092,664 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.09.27 11:48:44 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.27 11:48:44 | 000,014,224 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.27 19:28:20 | 000,121,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.09.27 19:28:20 | 000,106,190 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.09.27 19:28:20 | 000,631,054 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.09.27 19:28:20 | 000,615,810 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.09.27 19:28:20 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.07.03 15:16:46 | 003,673,184 | ---- | M] (Disc Soft Ltd)
"cz.seznam.software.autoupdate" = "C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" -c -- [2013.05.16 15:25:04 | 001,062,472 | ---- | M] ()
"cz.seznam.software.szndesktop" = "C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q -- [2013.04.12 10:10:22 | 000,092,664 | ---- | M] ()
"AppsHat" = C:\Users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe -- [2012.10.26 08:49:04 | 000,202,752 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.08.17 11:00:53 | 000,276,376 | ---- | M] (Mozilla Corporation) MD5=B4CF3FB7E9B8EA69757541DCE6CA20ED -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.08.10 06:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.09.27 21:18:55 | 000,000,512 | ---- | M] () MD5=3D36346B67877E465B8DC5BA1F0A43DE -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.02.10 19:38:27 | 013,495,460 | ---- | M] () -- \HRY\TDU2\Test Driver Unlimited 2 by SkillGrow\Crack.rar

< *keygen* /s >

< *loader* /s >
[2013.09.04 20:10:18 | 000,071,208 | ---- | M] () -- \Games\World_of_Tanks\PhysXLoader.dll
[2013.09.04 20:10:18 | 000,002,221 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\graphicspresetsloader.pyc
[2013.09.04 20:10:18 | 000,007,015 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guicolorsloader.pyc
[2013.09.04 20:10:18 | 000,003,974 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\guisoundsloader.pyc
[2013.09.04 20:10:18 | 000,006,629 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\logindataloader.pyc
[2013.09.04 20:10:18 | 000,002,773 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\doc_loaders\windowsstoreddataloader.pyc
[2013.09.04 20:10:18 | 000,001,504 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\entities\abstract\loadermanagermeta.pyc
[2013.09.04 20:10:18 | 000,006,493 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\gui\scaleform\framework\managers\loaders.pyc
[2013.09.04 20:10:18 | 000,003,668 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\helpers\rssdownloader.pyc
[2013.09.04 20:10:18 | 000,006,907 | ---- | M] () -- \Games\World_of_Tanks\res\scripts\client\tutorial\loader.pyc
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2006.12.23 17:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2013.08.07 17:28:20 | 000,000,924 | ---- | M] () -- \Users\Karel\AppData\Local\SRDownloader.err
[2013.09.26 01:27:13 | 000,001,080 | ---- | M] () -- \Users\Karel\AppData\Local\SRDownloader.nast
[2013.08.06 15:59:28 | 000,000,723 | ---- | M] () -- \Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA7DCX1S\downloaderror[1].js
[2013.08.06 15:59:28 | 000,001,174 | ---- | M] () -- \Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA7DCX1S\downloader[1].js
[2013.09.12 12:35:04 | 000,141,216 | ---- | M] () -- \Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CBBY5TWP\bi_downloader[1].exe
[2013.09.12 12:37:13 | 000,031,516 | ---- | M] () -- \Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ELFWPJUC\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2013.04.15 13:32:10 | 000,060,416 | ---- | M] () -- \Users\Karel\AppData\Roaming\Seznam.cz\bin\610libfoxloader-x64.dll
[2013.03.29 13:37:34 | 000,059,384 | ---- | M] () -- \Users\Karel\AppData\Roaming\Seznam.cz\bin\610libfoxloader.dll
[2013.09.12 12:37:16 | 000,000,163 | ---- | M] () -- \Users\Karel\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.03.25 16:27:20 | 000,000,665 | ---- | M] () -- \Users\Karel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013.03.25 16:27:26 | 000,000,117 | ---- | M] () -- \Users\Karel\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2013.08.07 16:35:41 | 000,001,140 | ---- | M] () -- \Users\Karel\Desktop\SRDownloader – zástupce.lnk
[2013.08.07 16:34:26 | 000,905,728 | ---- | M] () -- \Users\Karel\Downloads\SRDownloader.exe
[2013.08.07 17:07:08 | 000,242,032 | ---- | M] () -- \Users\Karel\Downloads\wbfs-manager-windows-downloader.exe
[2013.09.25 14:15:28 | 000,037,382 | ---- | M] () -- \Windows\Prefetch\SRDOWNLOADER.EXE-7BC67C6B.pf
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 10:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 10:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 10:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2013.08.08 10:17:53 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2013.08.08 10:17:53 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2013.08.08 10:17:53 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 10:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 03:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 09:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 09:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Rudy
Site Admin
Posts: 119530
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#6 Post by Rudy »

Run OTL again. Into the >Custom Scans/Fixes< box, copy:
:OTL
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2090683011-2688203532-1675317805-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:files
C:\Windows\System32\perfh*.dat
C:\Windows\Tasks\SA.DAT
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
and click Run Fix. When the action finishes, the PC will be restarted. After the restart, post the log that is displayed.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

KAREL.CZ
Visitor
Posts: 57
Joined: 05 May 2006 15:40

Re: Log check

#7 Post by KAREL.CZ »

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2090683011-2688203532-1675317805-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\Tasks\SA.DAT moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Karel
->Temp folder emptied: 2667909202 bytes
->Temporary Internet Files folder emptied: 43259972 bytes
->FireFox cache emptied: 84631919 bytes
->Flash cache emptied: 71351 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 110678808 bytes
RecycleBin emptied: 20328725507 bytes

Total Files Cleaned = 22 159,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Karel
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Karel

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 09272013_222545

Files\Folders moved on Reboot...
C:\Users\Karel\AppData\Local\Temp\_tc\sr-tdu2.iso moved successfully.
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119530
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#8 Post by Rudy »

Deleted. Has anything changed?

KAREL.CZ
Visitor
Posts: 57
Joined: 05 May 2006 15:40

Re: Log check

#9 Post by KAREL.CZ »

It shows me this, plus two other images. For example, I click through to your site and this appears, so I have to close it and start again; then it works, and after a while it appears again. It can be clicked on, but I don't do that.
http://karelcz.rajce.idnes.cz/ob#ob.jpg

KAREL.CZ
Visitor
Posts: 57
Joined: 05 May 2006 15:40

Re: Log check

#10 Post by KAREL.CZ »

It didn't help; it keeps appearing.

Rudy
Site Admin
Posts: 119530
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#11 Post by Rudy »

Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after start-up a screen with the licence terms is displayed; continue by clicking the Yes button.

Go and make yourself a coffee in the meantime (the whole run takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield.

KAREL.CZ
Visitor
Posts: 57
Joined: 05 May 2006 15:40

Re: Log check

#12 Post by KAREL.CZ »

ComboFix 13-09-28.02 - Karel 28.09.2013 22:19:56.1.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3198.2329 [GMT 2:00]
Spuštěný z: c:\users\Karel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Karel\AppData\Local\Minibar
c:\users\Karel\AppData\Local\Minibar\common.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome.manifest
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\content.xul
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\extension_info.json
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\icons\icon128.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\icons\icon19.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\icons\icon32.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\icons\icon48.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\initial_config.json
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\button.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\popup_window.xul
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-left.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-middle.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\bottom-right.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-left.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\middle-right.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\style.css
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-bottom.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-left.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-right.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\tail-top.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-left.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-middle.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\theme\bubble\top-right.png
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\toolbar_stub.html
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango-ui\ui.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\browser.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\console.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\event_listener.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\initialize.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\io.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\jsonstorage.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\kango.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\lang.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\messaging.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\storage.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\uninstall_observer.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\userscript_engine.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\kango\xhr.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\main.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\actions.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\cachedxhr.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\config.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\homepage_helper.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\macros.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\minibar.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\search_helper.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\search_hook.js
c:\users\Karel\AppData\Local\Minibar\firefox\chrome\content\minibar\tabpage_helper.js
c:\users\Karel\AppData\Local\Minibar\firefox\install.rdf
c:\users\Karel\AppData\Local\Minibar\firefox\plugins\npMinibarPlugin.dll
c:\users\Karel\AppData\Local\Minibar\firefox_installer.js
c:\users\Karel\AppData\Local\Minibar\chrome.pem
c:\users\Karel\AppData\Local\Minibar\chrome\background.html
c:\users\Karel\AppData\Local\Minibar\chrome\cached_http_request.js
c:\users\Karel\AppData\Local\Minibar\chrome\extension_info.json
c:\users\Karel\AppData\Local\Minibar\chrome\icons\icon128.png
c:\users\Karel\AppData\Local\Minibar\chrome\icons\icon19.png
c:\users\Karel\AppData\Local\Minibar\chrome\icons\icon32.png
c:\users\Karel\AppData\Local\Minibar\chrome\icons\icon48.png
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_kango.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_menu.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_messaging.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_pageutils.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_popup.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_toolbar.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_toolbar_customfixes.js
c:\users\Karel\AppData\Local\Minibar\chrome\includes\content_userscript.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango-ui\button.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango-ui\toolbar.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango-ui\ui.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\browser.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\console.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\event_listener.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\initialize.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\io.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\jsonstorage.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\kango.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\lang.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\messaging.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\userscript_engine.js
c:\users\Karel\AppData\Local\Minibar\chrome\kango\xhr.js
c:\users\Karel\AppData\Local\Minibar\chrome\main.js
c:\users\Karel\AppData\Local\Minibar\chrome\manifest.json
c:\users\Karel\AppData\Local\Minibar\chrome\minibar\actions.js
c:\users\Karel\AppData\Local\Minibar\chrome\minibar\cachedxhr.js
c:\users\Karel\AppData\Local\Minibar\chrome\minibar\config.js
c:\users\Karel\AppData\Local\Minibar\chrome\minibar\macros.js
c:\users\Karel\AppData\Local\Minibar\chrome\minibar\minibar.js
c:\users\Karel\AppData\Local\Minibar\chrome\MinibarPlugin.dll
c:\users\Karel\AppData\Local\Minibar\chrome\popup.html
c:\users\Karel\AppData\Local\Minibar\chrome\popup.js
c:\users\Karel\AppData\Local\Minibar\chrome\tab.html
c:\users\Karel\AppData\Local\Minibar\chrome\tab.js
c:\users\Karel\AppData\Local\Minibar\chrome_installer.js
c:\users\Karel\AppData\Local\Minibar\ie_installer.js
c:\users\Karel\AppData\Local\Minibar\minibar.crx
c:\users\Karel\AppData\Local\Minibar\minibar.xpi
c:\users\Karel\AppData\Local\Minibar\SettingsHelper.exe
c:\users\Karel\AppData\Local\Minibar\Uninstall.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-28 do 2013-09-28 )))))))))))))))))))))))))))))))
.
.
2013-09-28 20:23 . 2013-09-28 20:23 -------- d-----w- c:\users\Karel\AppData\Local\temp
2013-09-28 20:23 . 2013-09-28 20:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-28 00:14 . 2013-09-11 02:28 271256 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-27 20:25 . 2013-09-27 20:25 -------- d-----w- C:\_OTL
2013-09-27 19:18 . 2013-09-27 19:18 512 ----a-w- C:\PhysicalMBR.bin
2013-09-27 17:33 . 2013-09-27 17:33 -------- d-----w- c:\program files\trend micro
2013-09-27 17:33 . 2013-09-27 17:33 -------- d-----w- C:\rsit
2013-09-27 07:30 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DAFDC2C1-734F-4306-92D2-6AAF3FA97651}\mpengine.dll
2013-09-19 15:07 . 2013-09-28 20:13 -------- d-----w- c:\users\Karel\AppData\Roaming\Mumble
2013-09-19 15:06 . 2013-09-19 15:07 -------- d-----w- c:\program files\Mumble
2013-09-12 21:17 . 2013-09-12 21:17 -------- d-----w- c:\users\Karel\AppData\Local\CrashRpt
2013-09-12 11:20 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-09-12 11:20 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-09-12 11:20 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-09-12 11:06 . 2013-09-12 11:06 -------- d-----w- c:\program files\Atari
2013-09-12 10:41 . 2013-09-12 10:54 -------- d-----w- C:\HRY
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\users\Karel\AppData\Local\Application Data
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\program files\LemurLeap
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\users\Karel\AppData\Local\WebPlayer
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\users\Karel\AppData\Local\AppsHat Mobile Apps
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\program files\Minibar
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\program files\Seznam.cz
2013-09-12 10:37 . 2013-09-28 06:34 -------- d-----w- c:\users\Karel\AppData\Roaming\Seznam.cz
2013-09-12 10:35 . 2013-09-12 10:35 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-09-12 10:35 . 2013-09-12 10:40 -------- d-----w- c:\users\Karel\AppData\Roaming\DAEMON Tools Lite
2013-09-12 10:35 . 2013-09-12 10:35 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-09-12 10:35 . 2013-09-12 10:40 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-09-12 10:28 . 2013-09-12 10:28 -------- d-----w- c:\program files\Elaborate Bytes
2013-09-12 10:24 . 2013-09-12 10:24 -------- d-----w- c:\program files\Common Files\EZB Systems
2013-09-12 10:24 . 2013-09-12 10:24 -------- d-----w- c:\program files\UltraISO
2013-09-12 10:20 . 2013-09-12 10:20 -------- d-----w- c:\program files\Free Create-Burn ISO Image
2013-09-12 10:20 . 2002-07-17 08:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2013-09-12 10:20 . 2002-07-17 06:53 16877 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2013-09-12 10:00 . 2013-09-12 10:15 643072 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-12 10:00 . 2013-09-12 10:15 140160 ----a-w- c:\windows\system32\drivers\sptd8973.sys
2013-09-12 07:24 . 2013-09-12 07:24 -------- d-----w- C:\Games
2013-09-12 07:05 . 2013-09-12 07:05 -------- d-----w- c:\program files\Dokan
2013-09-11 07:28 . 2013-09-11 07:28 -------- d-----w- c:\users\Karel\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-28 00:11 . 2013-08-06 13:59 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-28 00:11 . 2013-08-06 13:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-30 07:48 . 2013-08-06 12:36 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-08-06 12:24 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-08-06 12:24 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-08-06 12:36 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-08-06 12:24 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-08-06 12:24 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-06 12:24 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-08-06 12:24 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-08-06 12:24 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-08-06 12:24 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-09 00:40 . 2013-08-09 00:40 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-08-09 00:40 . 2013-08-09 00:40 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-08-09 00:40 . 2013-08-09 00:40 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-08-09 00:40 . 2013-08-09 00:40 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-08-09 00:40 . 2013-08-09 00:40 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-08-09 00:40 . 2013-08-09 00:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-08-09 00:40 . 2013-08-09 00:40 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-08-09 00:40 . 2013-08-09 00:40 361984 ----a-w- c:\windows\system32\html.iec
2013-08-09 00:40 . 2013-08-09 00:40 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-09 00:40 . 2013-08-09 00:40 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-08-09 00:40 . 2013-08-09 00:40 158720 ----a-w- c:\windows\system32\msls31.dll
2013-08-09 00:40 . 2013-08-09 00:40 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-08-09 00:40 . 2013-08-09 00:40 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-09 00:40 . 2013-08-09 00:40 138752 ----a-w- c:\windows\system32\wextract.exe
2013-08-09 00:40 . 2013-08-09 00:40 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-08-09 00:40 . 2013-08-09 00:40 12800 ----a-w- c:\windows\system32\mshta.exe
2013-08-09 00:40 . 2013-08-09 00:40 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-08-09 00:39 . 2013-08-09 00:39 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-08-09 00:39 . 2013-08-09 00:39 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-08-09 00:39 . 2013-08-09 00:39 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-09 00:39 . 2013-08-09 00:39 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-08-09 00:39 . 2013-08-09 00:39 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-08-09 00:39 . 2013-08-09 00:39 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-08-09 00:39 . 2013-08-09 00:39 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-08-09 00:39 . 2013-08-09 00:39 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-09 00:39 . 2013-08-09 00:39 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-08-09 00:39 . 2013-08-09 00:39 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-09 00:39 . 2013-08-09 00:39 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-08-09 00:39 . 2013-08-09 00:39 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-09 00:39 . 2013-08-09 00:39 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-08-09 00:39 . 2013-08-09 00:39 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-09 00:39 . 2013-08-09 00:39 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-08-09 00:39 . 2013-08-09 00:39 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-08-09 00:39 . 2013-08-09 00:39 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-08 08:17 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-08-07 02:22 . 2013-08-06 12:27 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-25 08:57 . 2013-08-14 07:23 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-14 07:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-09 05:03 . 2013-08-14 07:23 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-09 05:03 . 2013-08-14 07:23 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-09 04:53 . 2013-08-14 07:23 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-07-09 04:52 . 2013-08-14 07:23 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 04:50 . 2013-08-14 07:23 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 04:46 . 2013-08-14 07:23 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 07:23 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 04:46 . 2013-08-14 07:23 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-06 05:05 . 2013-08-14 07:23 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"cz.seznam.software.autoupdate"="c:\users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"AppsHat"="c:\users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe" [2012-10-26 202752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-08-08 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2013-09-12 643072]
R2 DokanMounter;DokanMounter;c:\program files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-03-09 2116480]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-06 1343400]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-12 243128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-29 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-01-10 95744]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 Update LemurLeap;Update LemurLeap;c:\program files\LemurLeap\updateLemurLeap.exe [2013-08-31 206624]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
.
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\
FF - ExtSQL: 2013-08-06 14:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-31 09:36; firefox@lemurleap.info; c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\firefox@lemurleap.info.xpi
FF - ExtSQL: 2013-09-12 12:37; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-09-28 22:25:06
ComboFix-quarantined-files.txt 2013-09-28 20:25
.
Před spuštěním: Volných bajtů: 919 672 209 408
Po spuštění: Volných bajtů: 919 340 212 224
.
- - End Of File - - 8521EB56AE91A82F8A27CFDEB048333F
A36C5E4F47E84449FF07ED3517B43A31

Rudy
Site Admin
Site Admin
Posts: 119530
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Log check

#13 Post by Rudy »

We'll do some more cleanup. Open Notepad and copy this into it:
KillAll::

Folder::
c:\program files\Minibar

Collect::
c:\windows\system32\drivers\sptd8973.sys

Driver::
sptd8973

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

KAREL.CZ
Visitor
Visitor
Posts: 57
Registered: 05 May 2006 15:40

Re: Log check

#14 Post by KAREL.CZ »

ComboFix 13-09-28.02 - Karel 28.09.2013 23:36:13.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3198.2307 [GMT 2:00]
Spuštěný z: c:\users\Karel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Karel\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
file zipped: c:\windows\system32\drivers\sptd8973.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Minibar
c:\program files\Minibar\config.xml
c:\program files\Minibar\extension_info.json
c:\program files\Minibar\icons\icon128.png
c:\program files\Minibar\icons\icon16.ico
c:\program files\Minibar\icons\icon19.ico
c:\program files\Minibar\icons\icon19.png
c:\program files\Minibar\icons\icon32.png
c:\program files\Minibar\icons\icon48.png
c:\program files\Minibar\initial_config.json
c:\program files\Minibar\kango-ui\commandbar_button.js
c:\program files\Minibar\kango-ui\theme\bubble\bottom-left.png
c:\program files\Minibar\kango-ui\theme\bubble\bottom-middle.png
c:\program files\Minibar\kango-ui\theme\bubble\bottom-right.png
c:\program files\Minibar\kango-ui\theme\bubble\middle-left.png
c:\program files\Minibar\kango-ui\theme\bubble\middle-right.png
c:\program files\Minibar\kango-ui\theme\bubble\tail-bottom.png
c:\program files\Minibar\kango-ui\theme\bubble\tail-left.png
c:\program files\Minibar\kango-ui\theme\bubble\tail-right.png
c:\program files\Minibar\kango-ui\theme\bubble\tail-top.png
c:\program files\Minibar\kango-ui\theme\bubble\top-left.png
c:\program files\Minibar\kango-ui\theme\bubble\top-middle.png
c:\program files\Minibar\kango-ui\theme\bubble\top-right.png
c:\program files\Minibar\kango-ui\toolbar.js
c:\program files\Minibar\kango-ui\toolbar_stub.html
c:\program files\Minibar\kango-ui\ui.js
c:\program files\Minibar\kango\browser.js
c:\program files\Minibar\kango\console.js
c:\program files\Minibar\kango\event_listener.js
c:\program files\Minibar\kango\initialize.js
c:\program files\Minibar\kango\io.js
c:\program files\Minibar\kango\json.js
c:\program files\Minibar\kango\jsonstorage.js
c:\program files\Minibar\kango\kango.js
c:\program files\Minibar\kango\lang.js
c:\program files\Minibar\kango\md5.js
c:\program files\Minibar\kango\messaging.js
c:\program files\Minibar\kango\storage.js
c:\program files\Minibar\kango\userscript_engine.js
c:\program files\Minibar\kango\utils.js
c:\program files\Minibar\kango\xhr.js
c:\program files\Minibar\main.js
c:\program files\Minibar\Minibar.dll
c:\program files\Minibar\minibar\actions.js
c:\program files\Minibar\minibar\cachedxhr.js
c:\program files\Minibar\minibar\config.js
c:\program files\Minibar\minibar\macros.js
c:\program files\Minibar\minibar\minibar.js
c:\windows\system32\drivers\sptd8973.sys
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-28 do 2013-09-28 )))))))))))))))))))))))))))))))
.
.
2013-09-28 21:39 . 2013-09-28 21:41 -------- d-----w- c:\users\Karel\AppData\Local\temp
2013-09-28 21:39 . 2013-09-28 21:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-28 21:35 . 2013-09-28 21:35 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DAFDC2C1-734F-4306-92D2-6AAF3FA97651}\offreg.dll
2013-09-28 00:14 . 2013-09-11 02:28 271256 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-27 20:25 . 2013-09-27 20:25 -------- d-----w- C:\_OTL
2013-09-27 19:18 . 2013-09-27 19:18 512 ----a-w- C:\PhysicalMBR.bin
2013-09-27 17:33 . 2013-09-27 17:33 -------- d-----w- c:\program files\trend micro
2013-09-27 17:33 . 2013-09-27 17:33 -------- d-----w- C:\rsit
2013-09-27 07:30 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DAFDC2C1-734F-4306-92D2-6AAF3FA97651}\mpengine.dll
2013-09-19 15:07 . 2013-09-28 20:13 -------- d-----w- c:\users\Karel\AppData\Roaming\Mumble
2013-09-19 15:06 . 2013-09-19 15:07 -------- d-----w- c:\program files\Mumble
2013-09-12 21:17 . 2013-09-12 21:17 -------- d-----w- c:\users\Karel\AppData\Local\CrashRpt
2013-09-12 11:20 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-09-12 11:20 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-09-12 11:20 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-09-12 11:06 . 2013-09-12 11:06 -------- d-----w- c:\program files\Atari
2013-09-12 10:41 . 2013-09-12 10:54 -------- d-----w- C:\HRY
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\users\Karel\AppData\Local\Application Data
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\program files\LemurLeap
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\users\Karel\AppData\Local\WebPlayer
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\users\Karel\AppData\Local\AppsHat Mobile Apps
2013-09-12 10:37 . 2013-09-12 10:37 -------- d-----w- c:\program files\Seznam.cz
2013-09-12 10:37 . 2013-09-28 06:34 -------- d-----w- c:\users\Karel\AppData\Roaming\Seznam.cz
2013-09-12 10:35 . 2013-09-12 10:35 243128 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-09-12 10:35 . 2013-09-12 10:40 -------- d-----w- c:\users\Karel\AppData\Roaming\DAEMON Tools Lite
2013-09-12 10:35 . 2013-09-12 10:35 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-09-12 10:35 . 2013-09-12 10:40 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-09-12 10:28 . 2013-09-12 10:28 -------- d-----w- c:\program files\Elaborate Bytes
2013-09-12 10:24 . 2013-09-12 10:24 -------- d-----w- c:\program files\Common Files\EZB Systems
2013-09-12 10:24 . 2013-09-12 10:24 -------- d-----w- c:\program files\UltraISO
2013-09-12 10:20 . 2013-09-12 10:20 -------- d-----w- c:\program files\Free Create-Burn ISO Image
2013-09-12 10:20 . 2002-07-17 08:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2013-09-12 10:20 . 2002-07-17 06:53 16877 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2013-09-12 10:00 . 2013-09-12 10:15 643072 ----a-w- c:\windows\system32\drivers\sptd.sys
2013-09-12 07:24 . 2013-09-12 07:24 -------- d-----w- C:\Games
2013-09-12 07:05 . 2013-09-12 07:05 -------- d-----w- c:\program files\Dokan
2013-09-11 07:28 . 2013-09-11 07:28 -------- d-----w- c:\users\Karel\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-28 00:11 . 2013-08-06 13:59 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-28 00:11 . 2013-08-06 13:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-30 07:48 . 2013-08-06 12:36 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-08-06 12:24 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-08-06 12:24 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-08-06 12:36 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-08-06 12:24 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-08-06 12:24 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-08-06 12:24 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-08-06 12:24 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-08-06 12:24 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-08-06 12:24 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-09 00:40 . 2013-08-09 00:40 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-08-09 00:40 . 2013-08-09 00:40 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-08-09 00:40 . 2013-08-09 00:40 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-08-09 00:40 . 2013-08-09 00:40 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-08-09 00:40 . 2013-08-09 00:40 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-08-09 00:40 . 2013-08-09 00:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-08-09 00:40 . 2013-08-09 00:40 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-08-09 00:40 . 2013-08-09 00:40 361984 ----a-w- c:\windows\system32\html.iec
2013-08-09 00:40 . 2013-08-09 00:40 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-09 00:40 . 2013-08-09 00:40 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-08-09 00:40 . 2013-08-09 00:40 158720 ----a-w- c:\windows\system32\msls31.dll
2013-08-09 00:40 . 2013-08-09 00:40 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-08-09 00:40 . 2013-08-09 00:40 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-09 00:40 . 2013-08-09 00:40 138752 ----a-w- c:\windows\system32\wextract.exe
2013-08-09 00:40 . 2013-08-09 00:40 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-08-09 00:40 . 2013-08-09 00:40 12800 ----a-w- c:\windows\system32\mshta.exe
2013-08-09 00:40 . 2013-08-09 00:40 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-08-09 00:39 . 2013-08-09 00:39 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-08-09 00:39 . 2013-08-09 00:39 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-08-09 00:39 . 2013-08-09 00:39 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-09 00:39 . 2013-08-09 00:39 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-08-09 00:39 . 2013-08-09 00:39 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-08-09 00:39 . 2013-08-09 00:39 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-08-09 00:39 . 2013-08-09 00:39 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-08-09 00:39 . 2013-08-09 00:39 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-08-09 00:39 . 2013-08-09 00:39 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-09 00:39 . 2013-08-09 00:39 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-08-09 00:39 . 2013-08-09 00:39 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-09 00:39 . 2013-08-09 00:39 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-08-09 00:39 . 2013-08-09 00:39 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-09 00:39 . 2013-08-09 00:39 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-08-09 00:39 . 2013-08-09 00:39 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-09 00:39 . 2013-08-09 00:39 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-08-09 00:39 . 2013-08-09 00:39 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-08-09 00:39 . 2013-08-09 00:39 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-08-08 08:17 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-08-07 02:22 . 2013-08-06 12:27 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-07-25 08:57 . 2013-08-14 07:23 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-14 07:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-09 05:03 . 2013-08-14 07:23 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-09 05:03 . 2013-08-14 07:23 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-09 04:53 . 2013-08-14 07:23 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-07-09 04:52 . 2013-08-14 07:23 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 04:50 . 2013-08-14 07:23 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 04:46 . 2013-08-14 07:23 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 07:23 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 04:46 . 2013-08-14 07:23 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-06 05:05 . 2013-08-14 07:23 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"cz.seznam.software.autoupdate"="c:\users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"AppsHat"="c:\users\Karel\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe" [2012-10-26 202752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-08-08 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2013-09-12 643072]
R3 CFcatchme;CFcatchme;c:\users\Karel\AppData\Local\Temp\CFcatchme.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-03-09 2116480]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-06 1343400]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-12 243128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-29 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
S2 Dokan;Dokan;c:\windows\system32\drivers\dokan.sys [2011-01-10 95744]
S2 DokanMounter;DokanMounter;c:\program files\Dokan\DokanLibrary\mounter.exe [2011-01-10 14848]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
S2 Update LemurLeap;Update LemurLeap;c:\program files\LemurLeap\updateLemurLeap.exe [2013-08-31 206624]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-08-16 101904]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 64904]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 146568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-05-31 267880]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\
FF - ExtSQL: 2013-08-06 14:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-08-31 09:36; firefox@lemurleap.info; c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\firefox@lemurleap.info.xpi
FF - ExtSQL: 2013-09-12 12:37; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\6dfief20.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\DAODx.exe
c:\windows\system32\conhost.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\Karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
c:\program files\PANDORA.TV\PanService\PanProcess.exe
.
**************************************************************************
.
Celkový čas: 2013-09-28 23:42:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-28 21:42
ComboFix2.txt 2013-09-28 20:25
.
Před spuštěním: Volných bajtů: 915 617 357 824
Po spuštění: Volných bajtů: 915 420 278 784
.
- - End Of File - - C17E4385B124CDE5C87F1E6D545F6BB7
A36C5E4F47E84449FF07ED3517B43A31
Nahrání proběhlo úspěšně

KAREL.CZ
Visitor
Visitor
Posts: 57
Registered: 05 May 2006 15:40

Re: Log check

#15 Post by KAREL.CZ »

Today, when I was logging in to your site, it appeared again; this time it was some knights on castle walls. If I leave it alone, it disappears by itself after a while and then it connects normally to where I originally wanted to go.

Locked