Prosím o preventivku logu - HDD pořád něco chroupe

Zpráva

ferneticek · #16 Příspěvek od **ferneticek** » 27 led 2014 20:01

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Fern [Práva správce]
Mód : Kontrola -- Datum : 01/27/2014 19:59:35
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[Fern][SUSP UNIC] Adobe Gamma.lnk : C:\Documents and Settings\Fern\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk [-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250318AS +++++
--- User ---
[MBR] 2c3dcc02810ce309b9f7d52eea721d80
[BSP] d13daec9aea121aba934242cd85c6ece : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38475 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 78798825 | Size: 199996 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01272014_195935.txt >>

#17 Příspěvek od **Márty84** » 27 led 2014 20:05

Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

ferneticek · #18 Příspěvek od **ferneticek** » 27 led 2014 20:09

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Fern [Práva správce]
Mód : Odebrat -- Datum : 01/27/2014 20:08:42
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250318AS +++++
--- User ---
[MBR] 2c3dcc02810ce309b9f7d52eea721d80
[BSP] d13daec9aea121aba934242cd85c6ece : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38475 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 78798825 | Size: 199996 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01272014_200842.txt >>
RKreport[0]_D_01272014_200630.txt;RKreport[0]_S_01272014_195935.txt;RKreport[0]_S_01272014_200836.txt

ferneticek · #19 Příspěvek od **ferneticek** » 27 led 2014 20:10

RogueKiller V8.8.3 [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Fern [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/27/2014 20:09:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

#20 Příspěvek od **Márty84** » 27 led 2014 20:41

Ten posledni log neni cely, ale nevadi.

Dejte novy log z RSIT

ferneticek · #21 Příspěvek od **ferneticek** » 27 led 2014 20:45

Logfile of random's system information tool 1.09 (written by random/random)
Run by Fern at 2014-01-27 20:44:46
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (60%) free of 38 GB
Total RAM: 511 MB (18% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:00, on 27.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
D:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Fern\Plocha\RSIT.exe
D:\install\Fern.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Driver Helper Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5790 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fern\Data aplikací\Mozilla\Firefox\Profiles\s4aaqwz8.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\Documents and Settings\All Users\Data aplikací\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=D:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=d:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2011-10-15 175744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-12-28 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2011-10-15 4352120]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-12-28 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe [2005-06-08 458752]
"LogitechVideoTray"=C:\Program Files\Logitech\Video\LogiTray.exe [2005-06-08 217088]
"CanonMyPrinter"=D:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2013-01-31 15517472]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2013-01-31 1982312]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2013-12-28 3764024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LogitechSoftwareUpdate"=C:\Program Files\Logitech\Video\ManifestEngine.exe [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Documents and Settings\Fern\Data aplikací\uTorrent\utorrent.exe"="D:\Documents and Settings\Fern\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Quake III Arena\quake3.exe"="D:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe"="C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\GtkRadiant 1.5.0\GtkRadiant.exe"="C:\Program Files\GtkRadiant 1.5.0\GtkRadiant.exe:*:Enabled:GtkRadiant"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\FileZilla FTP Client\filezilla.exe"="D:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2014-01-26 19:26:31 ----D---- C:\Documents and Settings\Fern\Data aplikací\Malwarebytes
2014-01-26 19:26:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-01-26 18:40:18 ----A---- C:\ComboFix.txt
2014-01-26 18:33:28 ----D---- C:\WINDOWS\temp
2014-01-26 17:28:01 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-26 16:37:18 ----D---- C:\AdwCleaner
2014-01-26 14:17:22 ----D---- C:\rsit
2014-01-24 18:25:20 ----A---- C:\Boot.bak
2014-01-24 18:25:11 ----RASHD---- C:\cmdcons
2014-01-24 18:19:48 ----A---- C:\WINDOWS\zip.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\SWSC.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\SWREG.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\sed.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\PEV.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\NIRCMD.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\MBR.exe
2014-01-24 18:19:48 ----A---- C:\WINDOWS\grep.exe
2014-01-24 18:11:55 ----D---- C:\Qoobox
2014-01-24 18:11:35 ----D---- C:\WINDOWS\erdnt
2014-01-24 12:35:40 ----D---- C:\Documents and Settings\Fern\Data aplikací\AVG
2014-01-24 12:11:39 ----D---- C:\Documents and Settings\Fern\Data aplikací\Opera Software
2014-01-24 12:10:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG
2014-01-24 12:10:03 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-01-24 12:10:03 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2014-01-24 12:06:24 ----D---- C:\Documents and Settings\Fern\Data aplikací\rmi
2014-01-23 21:36:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2014-01-23 21:35:58 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-01-22 13:33:51 ----A---- C:\WINDOWS\system32\javaws.exe
2014-01-22 13:33:40 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-01-22 13:33:40 ----A---- C:\WINDOWS\system32\javaw.exe
2014-01-22 13:33:40 ----A---- C:\WINDOWS\system32\java.exe

======List of files/folders modified in the last 1 month======

2014-01-27 20:44:54 ----D---- C:\WINDOWS\Prefetch
2014-01-27 20:44:31 ----D---- C:\WINDOWS\system32
2014-01-27 20:08:33 ----D---- C:\WINDOWS\system32\drivers
2014-01-27 19:57:30 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-27 19:55:17 ----D---- C:\Program Files
2014-01-27 10:45:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-27 10:45:22 ----SHD---- C:\System Volume Information
2014-01-27 10:45:22 ----D---- C:\WINDOWS\system32\Restore
2014-01-27 10:28:22 ----D---- C:\WINDOWS\ehome
2014-01-26 18:35:53 ----D---- C:\WINDOWS
2014-01-26 18:35:53 ----A---- C:\WINDOWS\system.ini
2014-01-26 18:35:33 ----D---- C:\WINDOWS\system32\drivers\etc
2014-01-26 18:33:54 ----D---- C:\WINDOWS\system32\config
2014-01-26 18:29:52 ----D---- C:\WINDOWS\AppPatch
2014-01-26 18:29:47 ----D---- C:\Program Files\Common Files
2014-01-26 17:26:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-01-26 15:15:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-01-24 18:25:20 ----RASH---- C:\boot.ini
2014-01-24 14:16:11 ----SHD---- C:\WINDOWS\Installer
2014-01-24 14:16:11 ----D---- C:\Config.Msi
2014-01-23 21:25:47 ----SD---- C:\WINDOWS\Tasks
2014-01-23 21:12:04 ----D---- C:\Documents and Settings\Fern\Data aplikací\602Installer
2014-01-23 11:18:38 ----D---- C:\WINDOWS\Debug
2014-01-22 13:33:40 ----D---- C:\Program Files\Java
2014-01-16 09:55:00 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-01-15 19:56:39 ----D---- C:\WINDOWS\system32\MRT
2014-01-15 19:44:27 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-15 19:43:40 ----HD---- C:\WINDOWS\inf
2014-01-15 19:43:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-13 21:09:05 ----HD---- C:\Program Files\InstallShield Installation Information
2014-01-13 21:06:00 ----D---- C:\WINDOWS\Minidump
2014-01-13 15:44:42 ----D---- C:\Documents and Settings\Fern\Data aplikací\gtk-2.0
2013-12-28 22:56:19 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-11-19 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-28 180248]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-21 691696]
R0 timounter;Seagate DiscWizard Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-03-07 441760]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 tifsfilter;Seagate DiscWizard FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2010-03-07 44384]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\WINDOWS\system32\DRIVERS\CamSuiteVAC.sys [2008-09-20 37560]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-11 1287296]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-01-31 22016]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-01-31 12648960]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S3 aamj1ge0;aamj1ge0; C:\WINDOWS\system32\drivers\aamj1ge0.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-22 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2005-01-31 211712]
S3 pwdrvio;pwdrvio; \??\C:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-12-28 50344]
R2 Iprip;Naslouchání RIP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-12-18 182696]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 nvsvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2013-01-31 156448]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2001-10-25 19456]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2013-09-17 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-16 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-27 136176]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-05 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 p2pgasvc;Ověřování v síti skupiny rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Správce identit sítě rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Síť rovnocenných počítačů; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PNRPSvc;Protokol PNRP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-01-31 1259296]
S4 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-03-09 65795]

-----------------EOF-----------------

#22 Příspěvek od **Márty84** » 27 led 2014 20:50

Jeste jeden sken a budem mazat.

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

ferneticek · #23 Příspěvek od **ferneticek** » 27 led 2014 21:33

OTL logfile created on: 27.1.2014 20:55:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Fern\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,23 Mb Total Physical Memory | 91,41 Mb Available Physical Memory | 17,88% Memory free
1,97 Gb Paging File | 1,41 Gb Available in Paging File | 71,84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,57 Gb Total Space | 22,40 Gb Free Space | 59,63% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 104,42 Gb Free Space | 53,46% Space Free | Partition Type: NTFS

Computer Name: PCOBYVAK | User Name: Fern | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.27 20:52:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fern\Plocha\OTL.exe
PRC - [2013.12.28 22:56:16 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2013.12.28 22:56:16 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.12.05 20:34:42 | 000,275,568 | ---- | M] (Mozilla Corporation) -- D:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.03.25 02:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- D:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.07.19 17:32:18 | 000,221,184 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2005.06.08 15:14:44 | 000,217,088 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\LogiTray.exe
PRC - [2005.06.08 14:44:56 | 000,192,512 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Video\FxSvr2.exe

========== Modules (No Company Name) ==========

MOD - [2014.01.27 17:58:40 | 002,166,272 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\14012701\algo.dll
MOD - [2014.01.26 20:21:56 | 002,166,272 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\14012601\algo.dll
MOD - [2014.01.16 09:54:59 | 016,287,624 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll
MOD - [2013.12.05 20:36:56 | 003,559,024 | ---- | M] () -- D:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.11.19 16:32:53 | 019,336,120 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\libcef.dll
MOD - [2013.08.07 20:25:24 | 000,093,696 | ---- | M] () -- D:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2013.01.31 12:22:47 | 001,564,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nView.dll
MOD - [2013.01.31 12:22:47 | 000,357,224 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nView\nvShell.dll
MOD - [2002.07.19 18:16:50 | 000,270,336 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2002.05.14 18:22:34 | 000,122,880 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2001.10.28 15:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\pdfcmnnt.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014.01.16 09:55:00 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.28 22:56:16 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.18 21:05:43 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.12.05 20:36:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.18 10:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.31 12:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010.04.14 11:28:44 | 000,073,728 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.04.14 04:21:53 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008.04.14 04:21:44 | 000,035,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2003.03.09 21:31:02 | 000,065,795 | ---- | M] (HP) [Disabled | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aamj1ge0)
DRV - [2013.12.28 22:56:20 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.12.28 22:56:20 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.12.28 22:56:20 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.12.28 22:56:20 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.12.28 22:56:20 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.12.28 22:56:20 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.11.19 16:32:55 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.01.23 09:31:52 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2013.01.23 09:31:52 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2013.01.23 09:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2013.01.23 09:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2013.01.23 09:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.10.17 13:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.06.18 13:34:38 | 000,015,576 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2012.06.18 13:34:38 | 000,010,200 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2010.06.21 14:28:29 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.03.07 12:11:16 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010.03.07 12:11:16 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010.02.11 13:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008.09.20 00:41:50 | 000,037,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamSuiteVAC.sys -- (CamSuiteVAC)
DRV - [2005.05.11 15:39:56 | 001,287,296 | R--- | M] (C-Media Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2005.01.31 11:20:04 | 000,211,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2005.01.31 11:12:48 | 000,022,016 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2005.01.07 17:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.10.27 07:24:00 | 000,223,104 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004.08.13 11:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-842925246-152049171-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-842925246-152049171-725345543-1003\..\SearchScopes\{327E9BDF-D6EA-426C-B71F-254AEA1745D1}: "URL" = http://www.google.com/search?q={searchT ... 1I7ADFA_cs
IE - HKU\S-1-5-21-842925246-152049171-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Data aplikací\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: D:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: d:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.12.28 22:56:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: D:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins

[2010.05.24 20:41:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fern\Data aplikací\Mozilla\Extensions
[2010.05.24 20:41:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fern\Data aplikací\Mozilla\Extensions\home2@tomtom.com
[2013.12.28 22:56:21 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF

O1 HOSTS File: ([2014.01.27 20:09:25 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-842925246-152049171-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-842925246-152049171-725345543-1003\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKU\S-1-5-21-842925246-152049171-725345543-1003..\Run: [LogitechSoftwareUpdate] C:\Program Files\Logitech\Video\ManifestEngine.exe (Logitech Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-152049171-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - D:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-842925246-152049171-725345543-1003\..Trusted Domains: localhost ([]http in Internet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.195.213.6 81.30.225.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77B5FC12-03F9-4F32-B104-521B9564B71D}: DhcpNameServer = 213.195.213.6 81.30.225.2
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.11.26 20:30:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - C:\WINDOWS\system32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.27 20:53:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Fern\Plocha\OTL.exe
[2014.01.27 19:56:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Plocha\RK_Quarantine
[2014.01.26 19:26:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Data aplikací\Malwarebytes
[2014.01.26 19:26:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.01.26 18:33:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.01.26 16:37:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.26 15:33:35 | 000,000,000 | ---D | C] -- D:\dokumenty\zaloha
[2014.01.26 14:17:22 | 000,000,000 | ---D | C] -- C:\rsit
[2014.01.26 14:10:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Fern\Recent
[2014.01.24 18:25:11 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.01.24 18:19:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2014.01.24 18:19:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2014.01.24 18:19:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2014.01.24 18:19:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2014.01.24 18:11:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.01.24 18:11:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.01.24 17:49:47 | 005,175,240 | R--- | C] (Swearware) -- C:\Documents and Settings\Fern\Plocha\ComboFix.exe
[2014.01.24 13:11:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2014.01.24 12:35:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Data aplikací\AVG
[2014.01.24 12:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Local Settings\Data aplikací\Opera Software
[2014.01.24 12:11:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Data aplikací\Opera Software
[2014.01.24 12:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2014.01.24 12:10:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.01.24 12:10:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2014.01.24 12:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Data aplikací\rmi
[2014.01.23 21:37:42 | 000,000,000 | ---D | C] -- D:\dokumenty\Stažené soubory
[2014.01.23 21:36:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Local Settings\Data aplikací\Mozilla
[2014.01.23 21:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Mozilla
[2014.01.23 21:35:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2014.01.22 13:33:51 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2014.01.22 13:33:51 | 000,145,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2014.01.22 13:33:40 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2014.01.22 13:33:40 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2014.01.22 13:33:40 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2014.01.22 13:33:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.27 20:59:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.27 20:57:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.27 20:52:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Fern\Plocha\OTL.exe
[2014.01.27 20:29:20 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.27 20:09:25 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2014.01.27 19:55:42 | 003,792,384 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\RogueKiller.exe
[2014.01.27 19:47:32 | 000,212,186 | ---- | M] () -- C:\Documents and Settings\Fern\.recently-used.xbel
[2014.01.27 18:29:11 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.27 10:56:04 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.01.27 10:46:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.26 17:48:57 | 000,000,068 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\La Ciénaga (2001) - The Swamp - YouTube.URL
[2014.01.26 17:28:07 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.26 17:28:01 | 000,159,544 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.01.26 16:35:45 | 001,236,282 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\adwcleaner.exe
[2014.01.26 14:46:58 | 000,002,407 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\Microsoft Office Outlook 2003.lnk
[2014.01.26 14:17:03 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\RSIT.exe
[2014.01.26 14:09:05 | 000,000,580 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2014.01.24 18:25:20 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2014.01.24 17:50:18 | 005,175,240 | R--- | M] (Swearware) -- C:\Documents and Settings\Fern\Plocha\ComboFix.exe
[2014.01.24 13:41:47 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2014.01.24 12:10:59 | 000,000,561 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2014.01.23 21:36:02 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2014.01.23 20:53:07 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Fern\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.01.22 19:47:07 | 000,000,465 | ---- | M] () -- C:\Documents and Settings\Fern\intlname.ols
[2014.01.20 22:22:06 | 001,073,452 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2014.01.20 22:22:06 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2014.01.20 22:21:54 | 001,073,452 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2014.01.20 22:20:27 | 000,000,013 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2014.01.16 09:55:00 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.01.16 09:54:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2014.01.12 21:07:44 | 000,058,117 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\1512623_646042465430863_259578862_n.jpg
[2014.01.08 18:54:42 | 000,143,550 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\1420232_10200183011617089_491683378_n.jpg
[2014.01.03 23:02:48 | 000,124,976 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\238.jpg
[2014.01.03 22:56:56 | 000,134,992 | ---- | M] () -- C:\Documents and Settings\Fern\Plocha\72.jpg
[2013.12.28 22:56:47 | 000,001,744 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.12.28 22:56:20 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.12.28 22:56:20 | 000,410,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.12.28 22:56:20 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.12.28 22:56:20 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.12.28 22:56:20 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.12.28 22:56:20 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.12.28 22:56:19 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.12.28 22:56:19 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.27 20:59:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.27 20:44:36 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\RSIT.exe
[2014.01.27 19:56:04 | 003,792,384 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\RogueKiller.exe
[2014.01.27 19:47:32 | 000,212,186 | ---- | C] () -- C:\Documents and Settings\Fern\.recently-used.xbel
[2014.01.26 17:48:57 | 000,000,068 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\La Ciénaga (2001) - The Swamp - YouTube.URL
[2014.01.26 17:28:01 | 000,159,544 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.01.26 16:35:43 | 001,236,282 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\adwcleaner.exe
[2014.01.24 18:25:20 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2014.01.24 18:25:14 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2014.01.24 18:19:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2014.01.24 18:19:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2014.01.24 18:19:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2014.01.24 18:19:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2014.01.24 18:19:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2014.01.24 12:10:59 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Opera.lnk
[2014.01.24 12:10:59 | 000,000,561 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
[2014.01.23 21:36:02 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2014.01.23 21:36:02 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
[2014.01.23 21:24:56 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Fern\Nabídka Start\Programy\Internet Explorer.lnk
[2014.01.12 21:07:39 | 000,058,117 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\1512623_646042465430863_259578862_n.jpg
[2014.01.08 18:54:40 | 000,143,550 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\1420232_10200183011617089_491683378_n.jpg
[2014.01.03 22:56:19 | 000,134,992 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\72.jpg
[2014.01.03 22:55:33 | 000,124,976 | ---- | C] () -- C:\Documents and Settings\Fern\Plocha\238.jpg
[2013.11.10 23:00:09 | 000,090,256 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.11.10 22:59:50 | 001,025,389 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-842925246-152049171-725345543-1003-0.dat
[2013.11.10 22:59:41 | 000,150,450 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.09.21 21:38:40 | 000,006,576 | ---- | C] () -- C:\Documents and Settings\Fern\UserCustomPreset_Adobe Premiere Pro 2.0.vpr
[2013.05.24 22:00:09 | 000,000,119 | ---- | C] () -- C:\Documents and Settings\Fern\.gtk-bookmarks
[2013.04.14 14:56:48 | 001,073,452 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.04.14 14:56:48 | 001,073,452 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.04.14 14:56:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.03.13 22:02:45 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.13 22:02:43 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.02.08 04:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.12.24 19:42:01 | 002,872,512 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2012.12.24 19:41:58 | 000,015,576 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2012.12.24 19:41:57 | 000,010,200 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2012.11.09 21:41:03 | 002,317,848 | ---- | C] () -- C:\WINDOWS\System32\ssins.exe
[2012.02.11 20:06:13 | 000,000,776 | ---- | C] () -- C:\WINDOWS\CAD-Symbols_Technobox.ini
[2012.02.11 16:11:17 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\repository.xml
[2010.02.05 22:39:52 | 000,000,465 | ---- | C] () -- C:\Documents and Settings\Fern\intlname.ols
[2009.12.12 16:41:18 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Fern\Data aplikací\downloads.m3u
[2009.12.12 07:10:33 | 000,000,188 | ---- | C] () -- C:\Documents and Settings\Fern\Data aplikací\default.rss
[2009.11.29 20:21:43 | 000,077,824 | ---- | C] () -- C:\Documents and Settings\Fern\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.12.10 20:38:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.05.18 11:30:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2013.11.19 16:28:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2014.01.24 13:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.02.06 17:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Battle.net
[2009.11.30 19:11:47 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.01.15 18:47:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2013.01.15 19:16:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2014.01.24 12:10:03 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2010.06.21 14:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.03.26 18:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
[2013.11.11 13:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Garmin
[2014.01.26 17:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.08.07 11:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\id Software
[2012.03.01 21:53:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSI
[2012.07.15 21:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX
[2012.11.11 21:04:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2012.01.02 18:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaAccount
[2011.02.05 16:31:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2010.05.24 19:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2013.11.12 08:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Package Cache
[2010.05.24 20:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.02.03 19:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2011.10.28 14:34:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCapY
[2013.09.13 22:44:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2010.03.07 12:11:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Seagate
[2010.09.02 15:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Smart PC Solutions
[2014.01.24 12:10:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
[2014.01.23 21:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\602Installer
[2012.01.14 20:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\602XML
[2013.11.19 16:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\AVAST Software
[2014.01.24 12:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\AVG
[2013.02.02 19:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Blender Foundation
[2013.01.15 19:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Canon
[2012.01.27 19:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Canon Easy-WebPrint EX
[2012.06.15 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\DAEMON Tools Lite
[2012.03.26 18:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\DassaultSystemes
[2011.01.10 19:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\DxfSharpViewer
[2013.12.09 12:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\FileZilla
[2009.12.05 11:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\FotoWire
[2013.11.11 13:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Garmin
[2009.12.09 17:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\GetRightToGo
[2014.01.13 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\gtk-2.0
[2011.12.10 22:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\ICQ
[2011.08.07 11:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\id Software
[2012.03.01 21:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\IMSI
[2012.11.11 21:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Nokia
[2010.05.24 20:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Nokia Ovi Suite
[2009.11.26 22:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Opera
[2014.01.24 12:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Opera Software
[2011.04.22 22:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\PC Suite
[2013.05.24 21:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\RadiantSettings
[2014.01.24 12:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\rmi
[2013.09.21 17:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Seznam.cz
[2012.01.14 18:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Software602
[2010.05.24 20:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\TomTom
[2013.12.16 11:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Ulozto File Manager
[2013.02.24 19:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\uTorrent
[2013.11.27 23:17:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVAST Software
[2014.01.24 13:11:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2013.11.10 10:37:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Garmin

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.11.26 20:27:00 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.11.26 20:35:20 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.03.27 19:06:04 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.03.27 19:06:05 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.07.08 21:28:53 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.07.30 16:05:51 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.12.08 18:22:47 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

< >

< MD5 for: AGP440.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 15:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 15:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.11.28 19:00:10 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 15:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 23:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.17 15:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 15:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[18 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[39 C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.08.31 17:47:39 | 015,139,575 | ---- | M] () -- C:\mzdy2011.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.23 21:12:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\602Installer
[2012.01.14 20:29:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\602XML
[2013.09.17 21:32:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Adobe
[2012.12.09 09:16:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Apple Computer
[2013.11.19 16:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\AVAST Software
[2014.01.24 12:35:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\AVG
[2013.02.02 19:28:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Blender Foundation
[2013.01.15 19:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Canon
[2012.01.27 19:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Canon Easy-WebPrint EX
[2009.12.03 19:51:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Corel
[2012.06.15 18:08:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\DAEMON Tools Lite
[2012.03.26 18:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\DassaultSystemes
[2011.01.10 19:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\DxfSharpViewer
[2013.12.09 12:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\FileZilla
[2009.12.05 11:26:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\FotoWire
[2013.11.11 13:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Garmin
[2009.12.09 17:10:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\GetRightToGo
[2009.11.26 22:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Google
[2014.01.13 15:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\gtk-2.0
[2010.10.21 19:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Help
[2013.01.14 19:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Hewlett-Packard
[2011.12.10 22:23:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\ICQ
[2011.08.07 11:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\id Software
[2009.11.26 20:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Identities
[2012.03.01 21:56:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\IMSI
[2013.01.05 16:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\InstallShield
[2009.11.26 21:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Macromedia
[2014.01.26 19:26:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Malwarebytes
[2012.12.27 09:42:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Fern\Data aplikací\Microsoft
[2011.06.03 22:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Mozilla
[2009.12.05 19:17:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Nero
[2012.11.11 21:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Nokia
[2010.05.24 20:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Nokia Ovi Suite
[2013.06.02 18:52:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\NVIDIA
[2009.11.26 22:43:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Opera
[2014.01.24 12:11:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Opera Software
[2011.04.22 22:30:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\PC Suite
[2013.05.24 21:27:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\RadiantSettings
[2012.01.26 20:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Reallusion
[2014.01.24 12:06:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\rmi
[2013.09.21 17:40:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Seznam.cz
[2013.09.15 08:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Skype
[2013.05.05 10:26:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\skypePM
[2012.01.14 18:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Software602
[2009.12.28 17:11:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Sun
[2010.05.24 20:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\TomTom
[2013.12.02 16:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\U3
[2013.12.16 11:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Ulozto File Manager
[2013.02.24 19:51:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\uTorrent
[2013.11.03 16:00:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\vlc
[2013.04.22 18:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Fern\Data aplikací\Winamp

< %APPDATA%\*.exe /s >
[2009.12.03 19:49:56 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Fern\Data aplikací\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2009.12.03 19:49:55 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Fern\Data aplikací\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2011.02.02 09:26:23 | 075,862,048 | ---- | M] () -- C:\Documents and Settings\Fern\Data aplikací\Nokia\Ovi Suite\Software Updater\NokiaOviSuite2Installer.exe
[2014.01.24 12:09:01 | 033,727,472 | ---- | M] (Opera Software ASA) -- C:\Documents and Settings\Fern\Data aplikací\rmi\opera-17.0.1241.53.exe
[2014.01.22 13:32:40 | 000,145,408 | ---- | M] () -- C:\Documents and Settings\Fern\Data aplikací\Sun\Java\jre1.7.0_51\lzma.exe
[2011.01.09 23:06:32 | 020,332,736 | ---- | M] (TomTom International B.V.) -- C:\Documents and Settings\Fern\Data aplikací\TomTom\HOME\Profiles\qsgd3vw3.default\Updates\v2_7_6_2056_win.exe
[2006.12.07 10:45:12 | 000,110,592 | ---- | M] () -- C:\Documents and Settings\Fern\Data aplikací\U3\temp\cleanup.exe
[2006.12.07 10:45:12 | 003,096,576 | -H-- | M] (SanDisk Corporation) -- C:\Documents and Settings\Fern\Data aplikací\U3\temp\Launchpad Removal.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.06.21 14:28:29 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.11.26 21:11:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.11.26 21:11:12 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.11.26 21:11:12 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.01.26 17:28:01 | 000,159,544 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2014.01.26 17:28:07 | 000,002,228 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2011.08.31 17:47:39 | 015,139,575 | ---- | M] () -- C:\mzdy2011.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"LogitechSoftwareUpdate" = "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot -- [2005.06.08 14:44:14 | 000,196,608 | ---- | M] (Logitech Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.27 20:59:21 | 000,000,512 | ---- | M] () MD5=2C3DCC02810CE309B9F7D52EEA721D80 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2009.05.15 07:36:22 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.02.20 15:28:38 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.02.20 15:28:38 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.02.20 15:28:38 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\da\_media\rssloader.swf
[2005.04.08 13:01:10 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\de\_media\rssloader.swf
[2005.04.08 13:01:10 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\en\_media\rssloader.swf
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\es\_media\rssloader.swf
[2005.04.08 13:01:12 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\fi\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\fr\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\it\_media\rssloader.swf
[2005.04.08 13:01:10 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\ja\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\ko\_media\rssloader.swf
[2005.04.08 13:01:14 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\nl\_media\rssloader.swf
[2005.04.08 13:01:16 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\no\_media\rssloader.swf
[2005.04.08 13:01:16 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\pt\_media\rssloader.swf
[2005.04.08 13:01:16 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\sv\_media\rssloader.swf
[2005.04.08 13:01:16 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\zh_CN\_media\rssloader.swf
[2005.04.08 13:01:16 | 000,002,090 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge\Resources\zh_TW\_media\rssloader.swf
[2005.03.16 19:16:50 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.08.15 19:04:15 | 000,000,194 | ---- | M] () -- \Program Files\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2012.09.25 04:39:16 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2007.01.22 22:16:54 | 000,003,212 | ---- | M] () -- \Program Files\GtkRadiant 1.5.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2007.01.22 22:16:52 | 000,017,051 | ---- | M] () -- \Program Files\GtkRadiant 1.5.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2007.01.22 22:16:54 | 000,019,930 | ---- | M] () -- \Program Files\GtkRadiant 1.5.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2007.01.22 22:16:54 | 000,027,660 | ---- | M] () -- \Program Files\GtkRadiant 1.5.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2011.06.03 22:07:11 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.03 22:07:11 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.03 22:07:11 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.08.10 20:42:29 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.03 22:07:32 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.03 22:07:31 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013.01.09 11:41:56 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2011.10.05 11:12:42 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2013.02.13 11:52:06 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.17 15:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2009.12.10 20:42:59 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.10.10 16:49:57 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.12.10 20:43:14 | 000,086,016 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2013.01.09 18:45:12 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.14 20:16:38 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.14 20:14:26 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2013.11.11 14:57:08 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2317d10bd132b3b52081f90051e21afe\System.Runtime.Serialization.ni.dll
[2013.11.11 14:57:20 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.11 15:01:22 | 000,009,216 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\252526a2d0ff61ea95e0a3f8b9989faa\System.Xml.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.11.10 10:36:14 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.11.11 13:34:06 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.11.10 10:36:13 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.11.11 13:34:02 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.11.11 13:34:25 | 000,012,080 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2008.07.25 07:08:04 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2007.10.26 03:16:32 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.21 17:40:04 | 000,012,080 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 13:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< End of report >

ferneticek · #24 Příspěvek od **ferneticek** » 27 led 2014 21:34

OTL Extras logfile created on: 27.1.2014 20:55:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Fern\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,23 Mb Total Physical Memory | 91,41 Mb Available Physical Memory | 17,88% Memory free
1,97 Gb Paging File | 1,41 Gb Available in Paging File | 71,84% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,57 Gb Total Space | 22,40 Gb Free Space | 59,63% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 104,42 Gb Free Space | 53,46% Space Free | Partition Type: NTFS

Computer Name: PCOBYVAK | User Name: Fern | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "D:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistUMP] -- "d:\Program Files\UMPlayer\umplayer.exe" -add-to-playlist "%1" ()
Directory [AddToPlaylistVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithUMP] -- "d:\Program Files\UMPlayer\umplayer.exe" -play-dir "%1" ()
Directory [PlayWithVLC] -- "d:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "D:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Skupiny sítě Peer-to-Peer
"3540:UDP" = 3540:UDP:*:Enabled:Protokol PNRP (Peer Name Resolution Protocol)
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3587:TCP" = 3587:TCP:*:Enabled:Skupiny sítě Peer-to-Peer
"3540:UDP" = 3540:UDP:*:Enabled:Protokol PNRP (Peer Name Resolution Protocol)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"D:\Program Files\Opera\opera.exe" = D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"D:\Documents and Settings\Fern\Data aplikací\uTorrent\utorrent.exe" = D:\Documents and Settings\Fern\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"D:\Program Files\Quake III Arena\quake3.exe" = D:\Program Files\Quake III Arena\quake3.exe:*:Enabled:quake3 -- ()
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\Common Files\soft602\langserv.exe" = C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker -- ()
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1637\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\GtkRadiant 1.5.0\GtkRadiant.exe" = C:\Program Files\GtkRadiant 1.5.0\GtkRadiant.exe:*:Enabled:GtkRadiant -- ()
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\Program Files\FileZilla FTP Client\filezilla.exe" = D:\Program Files\FileZilla FTP Client\filezilla.exe:*:Enabled:FileZilla FTP Client -- (FileZilla Project)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.5
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1300" = Canon iP1300
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{28599CEE-974A-4AFA-8484-C6FC94984330}" = Majesty Gold Edition
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}" = FontNav
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}" = CorelDRAW Graphics Suite X3
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.6
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86ACE727-A4F2-4B28-A37D-254D9CC03156}" = Zaklínač - Rozšířená edice
"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90170405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{92F124CB-D9AA-4E20-93E4-7A9442878FD2}" = Software602 Form Filler
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A392A7FE-2216-4F7B-AF2F-24F1533DB860}" = Quake Live Internet Explorer Plugin
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A8A3F8BC-B557-4CA8-B4B5-9CAAD6977C54}" = TurboCAD Professional v11.1
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}" = Adobe Bridge 1.0
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 307.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.53
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B864F334-D646-4405-AA2C-16D83D954F88}" = Tenado CAD-Symbols 2011
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C94E45B0-6AA6-4FB9-9AAE-22085F631880}" = VBA
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}" = CZ
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D1504C77-1B19-4AF0-8DEC-946666123B55}" = CrazyTalk Cam Suite PRO
"{D69A5D3F-3837-4409-8AAD-CB5C7D33F13F}" = Star Stable 1
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EC2F741D-308C-42B4-BD04-9A4853F2E402}" = GtkRadiant 1.5.0
"{ED98066E-31E8-4865-B38C-0196B0BD3146}" = Majesty 2
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{f9093fb0-a4a3-4122-a17e-69b0cee493e5}" = Nero 9 Trial
"{FA17A726-B229-4116-B793-A2AB1A4EAE2E}" = Adobe Premiere Pro 2.0
"{FA66CFD7-0977-4C45-AACD-A8BB994B1A05}" = Quake Live Mozilla Plugin
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Premiere Pro 2.0" = Adobe Premiere Pro 2.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"avast" = avast! Free Antivirus
"Blender" = Blender
"CanonMyPrinter" = Canon My Printer
"CCleaner" = CCleaner
"C-Media Audio Driver" = C-Media High Definition Audio Driver
"CZConvert_is1" = CZConvert version 3.5
"DXFSharpViewer 2" = DXF Sharp Viewer 2.0.29
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"FileZilla Client" = FileZilla Client 3.7.3
"FormatFactory" = FormatFactory 2.45
"FTP Commander" = FTP Commander
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Logitech Print Service" = Logitech Print Service
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Money S3" = Ekonomický systém Money S3
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nokia Suite" = Nokia Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"Opera 12.15.1748" = Opera 12.15
"Opera 18.0.1284.68" = Opera Stable 18.0.1284.68
"QcDrv" = ##CAMERADRIVERNAME##
"Quake III Arena" = Quake III Arena
"rajče+.net_is1" = rajče verze 57v sestavení 179
"Registrace uživatele zařízení Canon MG5100 series" = Registrace uživatele zařízení Canon MG5100 series
"S7Z" = #7Z 0.8.1 - 7-Zip GUI
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"UMPlayer" = UMPlayer 0.98 [P3]
"VLC media player" = VLC media player 2.0.8
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.4.0-rc3
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"WinRAR archiver" = Archivátor WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 26.11.2009 16:04:00 | Computer Name = PCOBYVAK | Source = avast! | ID = 33554522
Description =

Error - 1.3.2010 15:30:30 | Computer Name = PCOBYVAK | Source = avast! | ID = 33554522
Description =

Error - 1.3.2010 15:30:34 | Computer Name = PCOBYVAK | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 22.10.2013 8:37:29 | Computer Name = PCOBYVAK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace chrome.exe, verze 30.0.1599.101, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.11.2013 8:54:43 | Computer Name = PCOBYVAK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace opera.exe, verze 12.15.1748.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 6.11.2013 9:00:37 | Computer Name = PCOBYVAK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace opera.exe, verze 12.15.1748.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.11.2013 9:39:44 | Computer Name = PCOBYVAK | Source = Application Error | ID = 1000
Description = Chybující aplikace nokiasuite.exe, verze 3.8.48.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000028.

Error - 3.12.2013 8:45:23 | Computer Name = PCOBYVAK | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ntdll.dll, verze 5.1.2600.6055, adresa chyby 0x00011119.

Error - 6.12.2013 3:08:59 | Computer Name = PCOBYVAK | Source = Application Error | ID = 1000
Description = Chybující aplikace nokiasuite.exe, verze 3.8.48.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000020.

Error - 9.12.2013 4:43:01 | Computer Name = PCOBYVAK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ftpcomm.exe, verze 7.67.0.48, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 9.12.2013 13:47:45 | Computer Name = PCOBYVAK | Source = MsiInstaller | ID = 1023
Description = Aktualizaci {FAA70B77-4799-4FD0-8C5D-E7F12D313169} produktu Microsoft
Office Professional Edition 2003 nebylo možné nainstalovat. Kód chyby: 1603. Další
informace naleznete v souboru protokolu C:\DOCUME~1\Fern\LOCALS~1\Temp\OHotfix\OHotfix(00001)_Msi.log.

Error - 10.12.2013 17:36:03 | Computer Name = PCOBYVAK | Source = Application Error | ID = 1000
Description = Chybující aplikace nokiasuite.exe, verze 3.8.48.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x00000020.

Error - 28.12.2013 6:19:20 | Computer Name = PCOBYVAK | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace gfl_client.exe, verze 1.9.0.1286, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 26.1.2014 13:24:27 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 26.1.2014 13:24:27 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Driver Helper Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 26.1.2014 13:24:27 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 26.1.2014 13:24:27 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 26.1.2014 13:24:28 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7031
Description = Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se
to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat
službu.

Error - 26.1.2014 13:24:28 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba Jednoduché služby TCP/IP byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 26.1.2014 13:24:28 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 26.1.2014 13:24:30 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 27.1.2014 5:31:40 | Computer Name = PCOBYVAK | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.

Error - 27.1.2014 5:31:49 | Computer Name = PCOBYVAK | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: PCIIde

< End of report >

ferneticek · #25 Příspěvek od **ferneticek** » 28 led 2014 10:58

tohle mi to nahlásí, když to začne chroupat

Skript na této stránce je buď zaneprázdněn nebo přestal reagovat. Nyní můžete skript ukončit nebo počkat, zda se dokončí sám.

Skript: https://fbstatic-a.akamaihd.net/rsrc.ph ... NFze.js:17

ale může to být právě jen kvůli tomu, že to chroupe...

#26 Příspěvek od **Márty84** » 28 led 2014 11:12

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
Nero BackItUp Scheduler 4.0
gupdate
Adobe LM Service
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Fern\Data aplikací\AVG
C:\Documents and Settings\All Users\Data aplikací\AVG
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

:otl
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
O3 - HKU\S-1-5-21-842925246-152049171-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-842925246-152049171-725345543-1003\..Trusted Domains: localhost ([]http in Internet)
[2014.01.24 13:11:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2014.01.24 12:35:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fern\Data aplikací\AVG
[2014.01.24 12:10:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[18 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[39 C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\*.tmp -> ]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

ferneticek · #27 Příspěvek od **ferneticek** » 28 led 2014 11:24

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Fern
->Temp folder emptied: 1993246 bytes
->Temporary Internet Files folder emptied: 9604778 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 15772084 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 652 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 150 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 26310240 bytes

Total Files Cleaned = 51,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: Fern
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service Adobe LM Service stopped successfully!
Service Adobe LM Service deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL2014\TuningIndex folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL2014\StartUp Manager folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL2014\Dashboard folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\Fern\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL\Program Statistics folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\AVG folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy folder moved successfully.
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-842925246-152049171-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-842925246-152049171-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL2014\Backups folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL2014 folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL\CrashDumps folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG\AWL folder moved successfully.
C:\Documents and Settings\LocalService\Data aplikací\AVG folder moved successfully.
Folder C:\Documents and Settings\Fern\Data aplikací\AVG\ not found.
Folder C:\Documents and Settings\All Users\Data aplikací\AVG\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP112.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP115.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP193.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A2.tmp\System.Web.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1FC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP231.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP236.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP247.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP253.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27E.tmp\System.ServiceModel.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP27E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFB.tmp deleted successfully.
C:\WINDOWS\Installer\MSI19.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI1A.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3CF.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI3D3.tmp- folder deleted successfully.
C:\WINDOWS\Installer\MSI4D.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt10.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt11.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt14.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt15.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt1C.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt30.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt3E.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt5.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt52.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt57.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt5D.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt5E.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt5F.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt65.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt66.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt67.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt69.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6A.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6B.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6C.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6D.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6F.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt7.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt70.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt73.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt7B.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt8.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt8A.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt9.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtA.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtB.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtB3.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtC.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtCE.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtD.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtD2.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtE.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtF.tmp deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01282014_111726

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#28 Příspěvek od **Márty84** » 28 led 2014 12:09

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

ferneticek · #29 Příspěvek od **ferneticek** » 29 led 2014 07:54

Zdravím, po těch posledních krocích se to mírně zlepšilo, zkusil jsem ještě vyměnit RAMku a už to šlape jako nové

Děkuji za čas a ochotu!!
fern

#30 Příspěvek od **Márty84** » 29 led 2014 17:21

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe

Re: Prosím o preventivku logu - HDD pořád něco chroupe