Win32Load Money

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win32Load Money

#31 Post by Márty84 »

:arrow: Download OTL from http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the checkboxes for the options Pro všechny uživatele (For all users), Kontrola na havěť "LOP" (LOP check) and Kontrola na havěť "Purity" (Purity check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Scan).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

cerman
Visitor
Posts: 104
Registered: 03 Nov 2013 11:16

Re: Win32Load Money

#32 Post by cerman »

Hello, I am sending the 1st log:
OTL Extras logfile created on: 5.11.2013 6:41:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\CiMRMEN\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,87% Memory free
3,85 Gb Paging File | 2,71 Gb Available in Paging File | 70,40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 123,96 Gb Total Space | 71,40 Gb Free Space | 57,60% Space Free | Partition Type: NTFS
Drive D: | 341,80 Gb Total Space | 136,92 Gb Free Space | 40,06% Space Free | Partition Type: NTFS

Computer Name: CERMAN | User Name: CiMRMEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee Pro\2.0\ACDSeeQVPro2.exe" "%1" (ACD Systems)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger -- (Logitech Inc.)
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
"C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe" = C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe:*:Enabled:SeagateHipServAgent -- (Axentra Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery
"{069730C2-755A-485B-A205-27A1AAFA836A}" = InstantShareAlert
"{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload
"{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices
"{347DA8D7-B858-421e-A154-5F438A36F1A4}" = Memeo Backup Premium
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1
"{44416DCF-39B9-46FD-93F4-35F4D8BD2FBC}" = Lišta Centrum.cz
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAC95F4-A30E-4EE5-A086-6F79581D0D70}" = ACDSee Pro 2
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap
"{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg
"{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1
"{5B622B7A-60FB-4630-B11D-F121D20BCCD6}" = MarketResearch
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder
"{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{79546A5F-AE7C-4693-8670-A3401B43ABD2}" = HP Deskjet 5900 series
"{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config
"{8234A27D-C5A4-4F84-8718-3BF34BCFC89F}" = JourneySoftwarePromo
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5222E5A-13CB-4C98-9F5C-21CF6896A25C}" = HPDeskjet5900Series
"{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C7ECD3E2-AA4C-42AD-B342-687D1FA1B100}" = ESET Smart Security
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6D5CB84-0E6E-4E69-B300-C690B6911029}" = Nero 8
"{DE7A5DDF-47B3-42FF-A082-E158DEA37392}" = EMET
"{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter
"{F0DB63F5-0936-41D2-B400-89707218FAAC}" = Memeo LifeAgent Explorer Extension
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status
"{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DualCoreCenter_is1" = DualCoreCenter
"DVD Flick_is1" = DVD Flick 1.3.0.7
"Free Studio_is1" = Free Studio version 2013
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"HP Imaging Device Functions" = HP Imaging Device Functions 5.0
"HP Photo & Imaging" = HP Image Zone 5.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.0
"HPExtendedCapabilities" = HP Extended Capabilities 5.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.9.0 Full
"Landi 2003 - jazykový kurz" = Landi 2003 - jazykový kurz
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 20.0.1 (x86 cs)" = Mozilla Firefox 20.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PC Translator 2001" = PC Translator 2001
"PowerISO" = PowerISO
"TC UP" = Total Commander Ultima Prime 4.0.0.0
"The KMPlayer" = The KMPlayer (remove only)
"TweakNow PowerPack 2006 Professional_is1" = TweakNow PowerPack 2006 Professional
"V.M.C." = V.M.C. 2.10
"Veetle TV" = Veetle TV 0.9.15
"VLC media player" = VLC media player 2.0.7
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3.11.2013 11:58:47 | Computer Name = CERMAN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET (ASP.NET).

cerman
Visitor
Posts: 104
Registered: 03 Nov 2013 11:16

Re: Win32Load Money

#33 Post by cerman »

:x Continuation:
Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 3.11.2013 12:00:52 | Computer Name = CERMAN | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.11.2013 12:00:52 | Computer Name = CERMAN | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.11.2013 12:00:52 | Computer Name = CERMAN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET_2.0.50727
(ASP.NET_2.0.50727). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 3.11.2013 12:00:54 | Computer Name = CERMAN | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.11.2013 12:00:54 | Computer Name = CERMAN | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.11.2013 12:00:54 | Computer Name = CERMAN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro aspnet_state (ASP.NET
State Service). Kód chyby je v první hodnotě DWORD v datové oblasti.

Error - 3.11.2013 12:00:54 | Computer Name = CERMAN | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.11.2013 12:00:54 | Computer Name = CERMAN | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 3.11.2013 12:00:54 | Computer Name = CERMAN | Source = LoadPerf | ID = 3011
Description = Nezdařilo se uvolnění řetězců čítače výkonu pro ASP.NET (ASP.NET).
Kód chyby je v první hodnotě DWORD v datové oblasti.

[ System Events ]
Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842784
Description = Závislá symbolická adresa Microsoft.VC80.CRT nebyla nalezena a poslední
chyba byla Sestavení určené odkazem není v systému nainstalováno. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly pro Microsoft.VC80.CRT se nezdařila. Referenční
chybová zpráva: Sestavení určené odkazem není v systému nainstalováno. .

Error - 3.11.2013 11:37:48 | Computer Name = CERMAN | Source = SideBySide | ID = 16842811
Description = Generate Activation Context pro C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
se nezdařila. Referenční chybová zpráva: Operace byla dokončena úspěšně. .

Error - 4.11.2013 2:31:46 | Computer Name = CERMAN | Source = Service Control Manager | ID = 7034
Description = Služba Skype C2C Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4.11.2013 2:31:49 | Computer Name = CERMAN | Source = Service Control Manager | ID = 7034
Description = Služba Process Monitor byla neočekávaně ukončena. Tento stav nastal
již 1krát.


< End of report >

cerman
Visitor
Posts: 104
Registered: 03 Nov 2013 11:16

Re: Win32Load Money

#35 Post by cerman »

I am sending the 2nd log:
OTL logfile created on: 5.11.2013 6:41:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\CiMRMEN\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,87% Memory free
3,85 Gb Paging File | 2,71 Gb Available in Paging File | 70,40% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 123,96 Gb Total Space | 71,40 Gb Free Space | 57,60% Space Free | Partition Type: NTFS
Drive D: | 341,80 Gb Total Space | 136,92 Gb Free Space | 40,06% Space Free | Partition Type: NTFS

Computer Name: CERMAN | User Name: CiMRMEN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.11.05 06:35:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\CiMRMEN\Dokumenty\Stažené soubory\OTL.exe
PRC - [2013.10.30 13:22:28 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.06.12 20:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.05.09 13:25:58 | 000,152,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\EMET\EMET_notifier.exe
PRC - [2012.01.01 15:15:02 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
PRC - [2011.06.01 17:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011.05.04 22:22:46 | 000,025,824 | ---- | M] (Memeo) -- C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe
PRC - [2011.01.13 03:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2009.10.14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009.10.07 09:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2009.10.07 09:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009.10.07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.06.12 13:14:06 | 000,214,288 | ---- | M] (Pinnacle Systems) -- C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe
PRC - [2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.03.15 00:50:59 | 000,233,472 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2008.02.28 16:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.08.09 08:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.01.20 06:14:14 | 000,422,912 | ---- | M] () -- C:\Program Files\TweakNow PowerPack 2006\RAM2_XP.exe


========== Modules (No Company Name) ==========

MOD - [2013.11.03 17:58:06 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.11.03 17:57:14 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\1b7600e7fe5e152f21ba6d79f3c0c3b6\System.Configuration.ni.dll
MOD - [2013.11.03 17:02:51 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013.11.03 17:02:45 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\02257c6b67db33c194fa3beccf977afb\System.Windows.Forms.ni.dll
MOD - [2013.11.03 17:02:34 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.11.03 17:01:26 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.11.03 17:01:17 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013.11.03 17:00:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.10.30 13:22:26 | 003,368,048 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.01.01 15:15:02 | 001,564,368 | ---- | M] () -- C:\Program Files\Guard-ICQ\GuardICQ.exe
MOD - [2011.01.13 02:57:34 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll
MOD - [2011.01.13 02:55:28 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll
MOD - [2009.10.14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009.10.14 12:36:34 | 000,181,592 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LvApi11\LvApi11.dll
MOD - [2009.10.14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2009.04.22 22:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll
MOD - [2009.04.10 00:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll
MOD - [2009.03.03 23:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll
MOD - [2009.03.03 23:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll
MOD - [2009.03.03 23:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll
MOD - [2009.03.03 23:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll
MOD - [2009.03.03 23:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll
MOD - [2009.03.03 23:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll
MOD - [2009.03.03 23:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll
MOD - [2009.03.03 23:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll
MOD - [2009.03.03 23:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll
MOD - [2008.04.14 08:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.01.20 06:14:14 | 000,422,912 | ---- | M] () -- C:\Program Files\TweakNow PowerPack 2006\RAM2_XP.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.10.30 13:22:27 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.10.11 05:44:47 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.09.05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.12 20:45:17 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.01.01 15:15:02 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2011.06.01 17:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011.05.04 22:22:46 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2009.10.07 09:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.10.07 09:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009.10.07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007.08.09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SGuard.sys -- (SGUARD)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\CiMRMEN\Local Settings\Temp\{4A3890D7-6A55-416F-B032-BB7E1F8B2A40}\fsgk.sys -- (F-Secure Standalone Minifilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2009.10.07 09:49:50 | 000,023,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009.10.07 09:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009.10.07 09:47:54 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.10.07 09:18:34 | 000,055,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009.10.07 09:18:34 | 000,032,072 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009.10.07 09:18:30 | 000,073,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009.10.07 09:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
DRV - [2009.10.07 09:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.10.07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.01.28 18:22:33 | 000,026,624 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts)
DRV - [2008.12.17 07:01:20 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.03.14 07:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2008.02.18 15:21:08 | 000,132,904 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagesrv.sys -- (imagesrv)
DRV - [2008.02.18 15:21:08 | 000,011,304 | ---- | M] (Ahead Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\imagedrv.sys -- (imagedrv)
DRV - [2007.10.15 18:34:16 | 000,051,200 | ---- | M] (Your Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\RushTop.sys -- (RushTopDevice2)
DRV - [2007.10.12 09:33:06 | 004,609,024 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.10.12 09:32:30 | 000,094,592 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.07.17 09:22:06 | 000,908,832 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhilCap.sys -- (PhilCap)
DRV - [2007.04.17 13:42:00 | 000,028,160 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\DualCoreCenter\NTGLM7X.sys -- (DualCoreCenter)
DRV - [2006.01.13 14:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vd_filedisk.sys -- (VD_FileDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://atlas.centrum.cz/?utm_source=ch- ... paign=home
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7ADFA_cs
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\SearchScopes\{E85323D5-AFDC-40F7-985A-0FBC0F987799}: "URL" = http://search.centrum.cz/index.php?utm_ ... earchTerms}
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "webwebweb"
FF - prefs.js..browser.search.selectedEngine: "webwebweb"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://atlas.centrum.cz/?utm_source=ch- ... paign=home"
FF - prefs.js..extensions.enabledAddons: %7Bf13b157f-b174-47e7-a34d-4815ddfdfeb8%7D:0.9.89
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.13.0.13771
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.15: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.15: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.11.03 10:44:11 | 000,000,000 | ---D | M]

[2008.07.13 15:30:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Extensions
[2013.10.19 06:06:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\extensions
[2013.10.11 14:55:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.06.05 05:33:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2013.10.19 06:06:07 | 000,041,044 | ---- | M] () (No name found) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\extensions\vdpure@link64.xpi
[2013.10.10 14:43:03 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.29 07:53:17 | 000,210,138 | ---- | M] () (No name found) -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
[2011.06.22 15:32:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-11.xml
[2011.08.15 17:20:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-12.xml
[2011.09.03 17:16:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-13.xml
[2011.09.09 14:12:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-14.xml
[2011.10.03 06:52:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-15.xml
[2011.11.10 15:47:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-16.xml
[2010.04.29 16:33:28 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\winamp-search.xml
[2013.10.30 13:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.11.03 15:23:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.10.30 13:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.11.03 15:23:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.10.30 13:22:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\CIMRMEN\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\6E14NV1K.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\CIMRMEN\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\6E14NV1K.DEFAULT\EXTENSIONS\{F13B157F-B174-47E7-A34D-4815DDFDFEB8}.XPI
[2009.09.04 14:19:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... hannel=rcs
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/comple ... earchTerms},
CHR - homepage: http://www.msn.com/?pc=UP97&ocid=UP97DHP
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.1.0.10441_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Java(TM) Platform SE 6 U13 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.11.04 07:52:44 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lišta Centrum.cz) - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll (Centrum Holdings s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {ADECBED6-0366-4377-A739-E69DFBA04663} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Guard.Mail.ru.gui] C:\Program Files\Guard-ICQ\GuardICQ.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RAM Idle Professional] C:\Program Files\TweakNow PowerPack 2006\RAM2_XP.exe ()
O4 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe (Pinnacle Systems)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se8942.cab (Windows Live Safety Center Base Module)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/microso ... 3227248718 (WUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 85.93.160.254 85.93.160.118
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CA563D21-965C-408A-BFAF-B42C851CCB5F}: DhcpNameServer = 85.93.160.254 85.93.160.118
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (smrgdf C:\Program Files\iolo\System Mechanic 5 Professional\)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.11.04 09:59:09 | 000,000,000 | ---D | C] -- C:\rsit
[2013.11.04 07:35:12 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.11.04 07:32:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.11.04 07:32:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.11.04 07:32:16 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.11.04 07:32:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.11.04 07:32:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.11.04 07:31:51 | 000,000,000 | R--D | C] -- C:\Documents and Settings\CiMRMEN\Nabídka Start\Programy\Nástroje pro správu
[2013.11.04 07:31:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.11.03 18:23:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Malwarebytes
[2013.11.03 18:23:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.11.03 16:18:40 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2013.11.03 16:18:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013.11.03 16:18:38 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2013.11.03 16:17:30 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.11.03 16:17:30 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013.11.03 16:17:28 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013.11.03 16:17:28 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2013.11.03 16:17:27 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2013.11.03 16:16:56 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2013.11.03 16:16:46 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2013.11.03 16:13:59 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mup.sys
[2013.11.03 16:12:32 | 000,139,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwd.sys
[2013.11.03 16:12:17 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013.11.03 16:11:58 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2013.11.03 16:11:33 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2013.11.03 16:11:33 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013.11.03 16:11:33 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013.11.03 16:11:33 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013.11.03 16:08:50 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndistapi.sys
[2013.11.03 16:05:36 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2013.11.03 15:12:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2013.11.03 14:06:22 | 001,371,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2013.11.03 14:06:22 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2013.11.03 14:06:22 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2013.11.03 14:06:21 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2013.11.03 14:06:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2013.11.03 14:06:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2013.11.03 14:06:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2013.11.03 14:06:18 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013.11.03 14:06:18 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013.11.03 14:06:18 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013.11.03 14:06:18 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013.11.03 14:06:18 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013.11.03 14:06:18 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2013.11.03 14:06:17 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013.11.03 14:06:17 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2013.11.03 14:06:17 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013.11.03 14:06:17 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013.11.03 14:06:17 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013.11.03 14:06:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2013.11.03 14:06:15 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2013.11.03 14:06:15 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2013.11.03 14:06:15 | 000,056,320 | ---- | C] (Společnost Microsoft) -- C:\WINDOWS\System32\dot3msm.dll
[2013.11.03 14:06:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2013.11.03 14:06:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2013.11.03 14:06:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2013.11.03 14:06:14 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2013.11.03 14:06:14 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2013.11.03 14:06:14 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2013.11.03 14:06:14 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2013.11.03 14:06:13 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2013.11.03 14:06:13 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013.11.03 14:06:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2013.11.03 14:06:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2013.11.03 14:06:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2013.11.03 14:06:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2013.11.03 14:06:11 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2013.11.03 14:06:11 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2013.11.03 14:06:11 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2013.11.03 14:06:11 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013.11.03 14:06:11 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2013.11.03 14:06:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2013.11.03 14:06:10 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013.11.03 14:06:10 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2013.11.03 14:06:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2013.11.03 14:06:10 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2013.11.03 14:06:10 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2013.11.03 14:06:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2013.11.03 14:06:09 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2013.11.03 14:06:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2013.11.03 14:06:09 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2013.11.03 14:06:08 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013.11.03 14:06:08 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013.11.03 14:06:08 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013.11.03 14:06:08 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013.11.03 14:06:08 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013.11.03 14:06:08 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013.11.03 14:06:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2013.11.03 14:06:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2013.11.03 14:06:06 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2013.11.03 14:06:04 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013.11.03 14:06:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2013.11.03 14:06:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cs
[2013.11.03 14:06:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013.11.03 13:59:41 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013.11.03 13:59:41 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013.11.03 13:59:41 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013.11.03 13:59:41 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013.11.03 13:59:41 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013.11.03 13:59:41 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013.11.03 13:59:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2013.11.03 13:59:40 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013.11.03 13:59:40 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013.11.03 13:59:40 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013.11.03 13:59:40 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013.11.03 13:59:40 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013.11.03 13:59:40 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013.11.03 13:59:39 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013.11.03 13:59:39 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013.11.03 13:59:39 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013.11.03 13:59:39 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013.11.03 13:59:39 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013.11.03 13:59:39 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013.11.03 13:59:39 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013.11.03 13:59:39 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013.11.03 13:59:39 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013.11.03 13:59:39 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013.11.03 13:59:39 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013.11.03 13:59:39 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013.11.03 13:59:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013.11.03 13:59:38 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013.11.03 13:59:38 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013.11.03 13:59:38 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013.11.03 13:59:38 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013.11.03 13:59:38 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013.11.03 13:59:38 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013.11.03 13:59:38 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013.11.03 13:59:38 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013.11.03 13:59:38 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013.11.03 13:59:37 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2013.11.03 13:59:37 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013.11.03 13:59:35 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013.11.03 13:59:35 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013.11.03 13:59:35 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013.11.03 13:59:35 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013.11.03 13:59:35 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013.11.03 13:59:35 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013.11.03 13:59:34 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013.11.03 13:59:34 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013.11.03 13:59:34 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013.11.03 13:59:34 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013.11.03 13:59:33 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013.11.03 13:59:33 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013.11.03 13:59:33 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013.11.03 13:59:33 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013.11.03 13:59:33 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2013.11.03 13:59:32 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013.11.03 13:59:32 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013.11.03 13:59:32 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013.11.03 13:59:32 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013.11.03 13:59:32 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013.11.03 13:59:32 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013.11.03 13:54:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2013.11.03 12:35:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.11.03 10:50:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2013.11.03 10:50:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\CiMRMEN\Recent
[2013.11.03 10:37:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}(2)(2)
[2013.11.02 20:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2013.11.02 20:17:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
[2013.10.30 13:22:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[29 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.11.05 06:44:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.11.05 06:43:14 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.05 06:29:16 | 000,161,237 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.11.05 06:29:14 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.05 06:28:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.11.05 06:28:38 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2013.11.05 06:28:33 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2013.11.04 18:00:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.04 16:00:00 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2013.11.04 07:52:44 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.11.04 07:35:16 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.11.03 17:47:04 | 000,279,744 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.11.03 17:28:03 | 000,003,277 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\intlname.ols
[2013.11.03 17:00:54 | 000,985,100 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.11.03 17:00:54 | 000,977,232 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.11.03 17:00:54 | 000,312,060 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.11.03 17:00:54 | 000,281,358 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.11.03 16:59:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.11.03 15:14:06 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.03 13:59:00 | 000,250,576 | RHS- | M] () -- C:\ntldr
[2013.11.03 09:00:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.11.03 07:59:57 | 000,000,851 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131103-080420.backup
[2013.11.01 16:53:05 | 000,450,573 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131103-075957.backup
[2013.10.29 13:26:02 | 000,000,349 | ---- | M] () -- C:\Documents and Settings\All Users\Dokumenty\PCLECHAL.INI
[2013.10.25 16:06:31 | 000,450,573 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131101-165305.backup
[2013.10.24 07:26:40 | 000,001,586 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Defraggler.lnk
[2013.10.23 15:27:23 | 000,450,573 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131025-170630.backup
[2013.10.22 15:58:08 | 000,450,555 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131023-162723.backup
[2013.10.16 15:45:54 | 000,450,555 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20131022-165808.backup
[2013.10.11 05:44:45 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.10.11 05:44:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[29 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.05 06:43:14 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.04 07:35:16 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.11.04 07:35:13 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.11.04 07:32:16 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.11.04 07:32:16 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.11.04 07:32:16 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.11.04 07:32:16 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.11.04 07:32:16 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.11.03 16:08:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.11.03 16:08:49 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2013.11.03 13:59:38 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013.11.03 13:59:37 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013.11.03 13:59:35 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013.11.03 09:59:53 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.10.19 17:02:24 | 000,002,560 | ---- | C] () -- C:\WINDOWS\_MSRSTRT.EXE
[2012.10.17 15:07:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.07.26 05:38:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2011.04.27 15:48:17 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\fusioncache.dat
[2011.04.04 15:06:24 | 000,039,936 | ---- | C] () -- C:\Documents and Settings\CiMRMEN\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.13 09:25:52 | 000,018,321 | ---- | C] () -- C:\Program Files\copying
[2009.02.18 10:46:46 | 000,000,467 | ---- | C] () -- C:\Documents and Settings\CiMRMEN\Zástupce - CiMRMEN.lnk
[2008.07.21 08:26:03 | 000,003,277 | ---- | C] () -- C:\Documents and Settings\CiMRMEN\intlname.ols
[2008.07.14 22:11:50 | 000,000,134 | ---- | C] () -- C:\Documents and Settings\CiMRMEN\default.pls
[2008.07.13 15:45:34 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\CiMRMEN\.rnd

========== ZeroAccess Check ==========

[2008.07.13 14:28:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 08:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 08:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.07.13 15:28:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2013.02.04 15:44:30 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2008.07.13 16:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2013.11.03 18:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2013.01.03 17:19:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MemeoCommon
[2008.07.13 15:00:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2013.02.04 15:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.02.04 15:44:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2008.07.13 15:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\ACD Systems
[2009.12.31 19:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Audacity
[2009.03.26 09:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\avidemux
[2013.02.04 17:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\DVDVideoSoft
[2008.07.13 16:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\ESET
[2008.07.13 15:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\HEXelon
[2013.08.08 11:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\ICQ
[2013.07.24 12:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Image Zone Express
[2009.04.28 16:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Leadertech
[2013.01.04 06:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Memeo
[2008.08.13 16:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Moyea
[2013.01.03 17:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Seagate
[2013.02.04 15:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\TuneUp Software
[2013.01.03 17:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Seagate
[2013.11.03 10:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}
[2013.11.03 10:37:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\{DCD48218-E972-4d0c-9E5F-43462BC13E3B}(2)(2)

========== Purity Check ==========



========== Custom Scans ==========

< >
[2008.07.13 14:05:16 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2008.07.13 14:10:47 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.06.30 15:17:59 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009.06.30 15:18:00 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2010.06.02 20:20:07 | 000,000,370 | ---- | C] () -- C:\WINDOWS\Tasks\HPpromotions journeysoftware.job
[2012.04.10 14:33:07 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2006.10.20 22:42:55 | 016,721,355 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.10.20 22:42:55 | 016,721,355 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 08:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.10.20 22:42:55 | 016,721,355 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 00:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 08:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 08:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 08:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.10.20 22:42:55 | 016,721,355 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 00:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 21:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.10.20 22:42:55 | 016,721,355 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 09:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.25 15:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 07:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 08:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.14 00:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 19:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 08:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 08:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 08:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 08:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

cerman
Visitor
Posts: 104
Registered: 03 Nov 2013 11:16

Re: Win32Load Money

#36 Post by cerman »

continuation:

< MD5 for: TCPIP.SYS >
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.14 00:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\SoftwareDistribution\Download\fe608cd8d2b8f77abaee7a69a696bcf7\sp3qfe\tcpip.sys
[2006.10.20 22:33:21 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 08:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 08:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 08:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[29 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.07.13 15:36:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\ACD Systems
[2012.08.13 13:34:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Adobe
[2009.12.31 19:45:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Audacity
[2009.03.26 09:18:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\avidemux
[2013.03.10 15:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\DVD Flick
[2012.12.22 20:02:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\dvdcss
[2013.02.04 17:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\DVDVideoSoft
[2008.07.13 16:04:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\ESET
[2009.08.14 15:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Google
[2008.12.22 08:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Help
[2008.07.13 15:26:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\HEXelon
[2010.06.02 17:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\HP
[2013.11.03 10:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\HpUpdate
[2013.08.08 11:43:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\ICQ
[2008.07.13 14:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Identities
[2013.07.24 12:11:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Image Zone Express
[2008.07.13 16:01:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\InstallShield
[2009.04.28 16:13:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Leadertech
[2008.07.13 16:02:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Macromedia
[2013.11.03 18:23:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Malwarebytes
[2009.04.21 19:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Media Player Classic
[2013.01.04 06:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Memeo
[2013.11.01 07:50:04 | 000,000,000 | --SD | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Microsoft
[2008.08.13 16:04:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Moyea
[2008.07.13 15:30:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla
[2008.07.13 15:45:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Nero
[2009.02.16 17:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\NeroDigital™
[2010.12.13 15:22:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Real
[2013.01.03 17:12:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Seagate
[2013.11.04 18:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Skype
[2009.03.18 08:12:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\skypePM
[2008.07.15 08:56:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\Sun
[2013.02.04 15:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\TuneUp Software
[2010.03.10 15:26:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\TVU Networks
[2013.11.02 18:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\vlc
[2008.07.13 15:45:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\CiMRMEN\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2011.07.31 17:24:29 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Microsoft\Installer\{069730C2-755A-485B-A205-27A1AAFA836A}\ARPPRODUCTICON.exe
[2012.09.19 15:03:34 | 000,041,439 | R--- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Microsoft\Installer\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}\_4D69E3CD100D782CD01439.exe
[2012.09.19 15:03:34 | 000,041,439 | R--- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Microsoft\Installer\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}\_853F67D554F05449430E7E.exe
[2012.09.19 15:03:34 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Microsoft\Installer\{DE7A5DDF-47B3-42FF-A082-E158DEA37392}\_9A017C9EDA4365E39E44AF.exe
[2012.09.10 06:27:33 | 005,642,000 | ---- | M] (TVU networks) -- C:\Documents and Settings\CiMRMEN\Data aplikací\TVU Networks\AutoUpgrade\TVUPlayer2.5.3.1.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.07.13 15:52:21 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2008.07.13 15:52:21 | 000,720,896 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2008.07.13 15:52:21 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.11.03 09:00:02 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2013.11.03 17:47:04 | 000,279,744 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.11.03 16:48:33 | 000,034,221 | ---- | M] () -- C:\WINDOWS\system32\lvcoinst.log
[2013.11.05 06:29:16 | 000,161,237 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.11.03 17:00:54 | 000,312,060 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.11.03 17:00:54 | 000,281,358 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.11.03 17:00:54 | 000,985,100 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.11.03 17:00:54 | 000,977,232 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.11.03 17:00:54 | 000,004,982 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.11.03 15:12:51 | 000,000,090 | ---- | M] () -- C:\WINDOWS\system32\spupdwxp.log
[2013.11.03 15:14:06 | 000,002,228 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"PMCRemote" = C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe -- [2008.06.12 13:14:06 | 000,214,288 | ---- | M] (Pinnacle Systems)
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.02.28 16:07:58 | 001,828,136 | ---- | M] (Nero AG)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.08.14 15:23:19 | 000,039,408 | ---- | M] (Google Inc.)
"Logitech Vid" = "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode -- [2011.01.13 03:01:28 | 006,129,496 | ---- | M] (Logitech Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.11.05 06:43:14 | 000,000,512 | ---- | M] () MD5=5A5D2686A3BA67FE0E72E2CB0AF2485A -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2008.02.04 10:32:50 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images(2)\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images(2)\loader.png
[2012.06.18 11:39:40 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images(3)\loader.gif
[2012.06.18 11:39:40 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images(3)\loader.png
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2013.05.29 17:23:51 | 000,001,029 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip
[2013.05.29 17:23:51 | 000,007,470 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen1.zip
[2013.05.29 17:23:51 | 000,002,146 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip
[2013.05.29 17:23:52 | 000,259,906 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen3.zip
[2013.06.05 08:13:19 | 000,000,368 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen4.zip
[2013.06.05 08:13:19 | 000,259,905 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen5.zip
[2013.02.04 17:19:05 | 000,001,044 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoSoft\Programs\Free Uploader for Facebook.lnk
[2013.02.04 17:19:05 | 000,000,989 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\DVDVideoSoft\Programs\Free YouTube Uploader.lnk
[2013.02.05 07:00:24 | 000,002,641 | ---- | M] () -- \Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\images\YoutubeDownloader.png
[2013.10.29 13:26:30 | 000,000,054 | ---- | M] () -- \Documents and Settings\CiMRMEN\Local Settings\Data aplikací\Pinnacle Systems GmbH\TVCenter Pro\1.1.444.667\PMCLoader.exe.xml
[2013.11.04 09:27:42 | 000,110,642 | ---- | M] () -- \Documents and Settings\CiMRMEN\Local Settings\Temporary Internet Files\Content.IE5\0UZGA0QZ\AdLoader-05424a4ab7d836fbf1bc3b5c2b3458f1.min[1].js
[2013.11.04 09:27:42 | 000,001,537 | ---- | M] () -- \Documents and Settings\CiMRMEN\Local Settings\Temporary Internet Files\Content.IE5\75JLA48K\AdLoader[1].htm
[2013.01.31 21:33:42 | 000,940,184 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\lib\DVSVideoDownloader.dll
[2013.02.04 17:19:18 | 000,000,623 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
[2013.02.04 17:19:18 | 000,000,609 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
[2013.02.04 17:19:18 | 000,002,796 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\youtube_mp3_downloader_32_32.png
[2013.02.04 17:19:18 | 000,002,641 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\youtube_video_downloader_32_32.png
[2013.01.12 01:07:54 | 000,037,510 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\chrome\content\dvsyoutubedownloader.js
[2012.11.20 16:13:06 | 000,002,431 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\chrome\content\dvsyoutubedownloader.xul
[2013.01.10 01:06:06 | 000,000,634 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\dvsmenuext-ytvdownloader.png
[2012.12.07 16:00:36 | 000,001,813 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\dvsyoutubedownloader.css
[2012.11.20 16:13:06 | 000,002,796 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\youtube_mp3_downloader_32_32.png
[2012.11.20 16:13:06 | 000,002,641 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\plugins\ff\skin\youtube_video_downloader_32_32.png
[2001.01.16 05:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 03:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2008.02.28 12:26:06 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2013.01.28 12:28:42 | 001,842,824 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\FreeUploaderForFacebook.exe
[2012.07.03 19:26:10 | 000,000,281 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\FreeUploaderForFacebook.xml
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\de-DE\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,656 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\el-GR\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\es-ES\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\fr-FR\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\hu-HU\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\it-IT\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\ja-JP\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\nl-NL\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\pl-PL\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\pt-BR\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\pt-PT\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,656 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\ru-RU\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\tr-TR\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\zh-CHS\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:28:34 | 000,006,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free Uploader for Facebook\zh-CHT\FreeUploaderForFacebook.resources.dll
[2013.01.28 12:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.31 21:28:30 | 002,348,544 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2012.12.27 17:03:02 | 000,001,020 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2013.01.25 18:45:02 | 000,003,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2013.01.22 20:39:36 | 000,006,223 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,045,056 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\hu-HU\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,045,056 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2013.01.31 21:28:22 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2013.01.31 21:30:14 | 000,067,584 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to DVD Converter\DVDVideoSoft.DownloaderYT2DvdAppExt.dll
[2013.01.28 12:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to DVD Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.28 12:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to iPhone Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.28 12:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to iPod Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.28 12:12:34 | 000,041,096 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2013.01.28 12:27:44 | 001,623,176 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.exe
[2012.11.22 17:55:00 | 000,000,332 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.xml
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\de-DE\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,010,240 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\el-GR\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\es-ES\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\fr-FR\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,007,168 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\hu-HU\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\it-IT\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\ja-JP\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\nl-NL\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\pl-PL\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\pt-BR\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\pt-PT\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,728 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\ru-RU\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\tr-TR\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,009,216 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\zh-CHS\FreeYouTubeUploader.resources.dll
[2013.01.28 12:27:36 | 000,008,704 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Uploader\zh-CHT\FreeYouTubeUploader.resources.dll
[2012.01.01 15:13:28 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.01.01 15:13:28 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.01.01 15:13:28 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.01.01 15:14:30 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.12.07 13:51:24 | 000,006,522 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_center.png
[2012.12.07 13:51:24 | 000,008,711 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_left.png
[2012.12.07 13:51:24 | 000,008,745 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\images\btn_loader_right.png
[2012.12.07 13:51:44 | 000,000,154 | ---- | M] () -- \Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\skin\resources\neutral\decl\common\widgets\ConditionalLoader.qml
[2008.06.23 14:24:50 | 000,021,776 | ---- | M] () -- \Program Files\Pinnacle\TVCenter Pro\PMC.Loader.Common.dll
[2008.06.23 14:24:54 | 000,644,368 | ---- | M] () -- \Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe
[2007.06.13 21:38:20 | 000,001,217 | ---- | M] () -- \Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe.Manifest
[2008.06.23 14:24:56 | 000,193,808 | ---- | M] () -- \Program Files\Pinnacle\TVCenter Pro\Settings.Loader.dll
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2009.10.14 22:32:54 | 000,298,376 | ---- | M] () -- \Program Files\Windows Live Safety Center\wlscUploader.exe
[2006.12.23 16:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 00:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 00:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 08:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2013.09.13 01:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.11.03 15:28:53 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2004.08.17 14:44:16 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2010.06.02 17:19:55 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.03 05:30:50 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.11.03 17:00:40 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.11.03 16:56:58 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2010.06.11 16:01:20 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2010.06.11 14:15:51 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll
[2013.11.03 17:58:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.03 17:56:46 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 07:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 18:29:04 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2001.10.25 15:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 15:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[29 \WINDOWS\system32\dllcache\*.tmp files -> \WINDOWS\system32\dllcache\*.tmp -> ]
[2008.04.14 07:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

< . >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Win32Load Money

#37 Post by Márty84 »

:!: Turn off your antivirus so that it does not get in the program's way.
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands)

Code: Select all

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
Guard.Mail.ru
JavaQuickStarterService
Nero BackItUp Scheduler 3
Skype C2C Service
NMIndexingService
gupdate1c988feda0cfdc8
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
gusvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\HPpromotions journeysoftware.job

:otl
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1220945662-1343024091-725345543-1003\..\SearchScopes\{E85323D5-AFDC-40F7-985A-0FBC0F987799}: "URL" = http://search.centrum.cz/index.php?utm_ ... er,IE-8&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "webwebweb"
FF - prefs.js..browser.search.selectedEngine: "webwebweb"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://atlas.centrum.cz/?utm_source=ch-sethp&utm_medium=ff-atlas-cz&utm_campaign=home"
[2011.06.22 15:32:53 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-11.xml
[2011.08.15 17:20:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-12.xml
[2011.09.03 17:16:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-13.xml
[2011.09.09 14:12:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-14.xml
[2011.10.03 06:52:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-15.xml
[2011.11.10 15:47:28 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-16.xml
[2010.04.29 16:33:28 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\winamp-search.xml
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[29 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2013.05.29 17:23:51 | 000,001,029 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip
[2013.05.29 17:23:51 | 000,007,470 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen1.zip
[2013.05.29 17:23:51 | 000,002,146 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip
[2013.05.29 17:23:52 | 000,259,906 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen3.zip
[2013.06.05 08:13:19 | 000,000,368 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen4.zip
[2013.06.05 08:13:19 | 000,259,905 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen5.zip
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADECBED6-0366-4377-A739-E69DFBA04663}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"NBKeyScan"=-
"HP Software Update"=-
"Guard.Mail.ru.gui"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"swg"=-

Click Opravit (Fix) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.
If you have a question that is not meant for the public, you can e-mail me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Because of time constraints I will be on the forum less often now. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

cerman
Visitor
Posts: 104
Joined: 03 Nov 2013 11:16

Re: Win32Load Money

#38 Post by cerman »

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: CiMRMEN
->Temp folder emptied: 592772 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16083633 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 16,00 mb


[EMPTYFLASH]

User: All Users

User: CiMRMEN
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: No service named Guard.Mail.ru was found to stop!
Service\Driver key Guard.Mail.ru not found.
Error: No service named JavaQuickStarterService was found to stop!
Service\Driver key JavaQuickStarterService not found.
Error: No service named Nero BackItUp Scheduler 3 was found to stop!
Service\Driver key Nero BackItUp Scheduler 3 not found.
Error: No service named Skype C2C Service was found to stop!
Service\Driver key Skype C2C Service not found.
Error: No service named NMIndexingService was found to stop!
Service\Driver key NMIndexingService not found.
Error: No service named gupdate1c988feda0cfdc8 was found to stop!
Service\Driver key gupdate1c988feda0cfdc8 not found.
Error: No service named SkypeUpdate was found to stop!
Service\Driver key SkypeUpdate not found.
Error: No service named AdobeFlashPlayerUpdateSvc was found to stop!
Service\Driver key AdobeFlashPlayerUpdateSvc not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\tasks\Adobe Flash Player Updater.job not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job not found.
File\Folder C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder C:\WINDOWS\tasks\HPpromotions journeysoftware.job not found.
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry key HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{E85323D5-AFDC-40F7-985A-0FBC0F987799}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E85323D5-AFDC-40F7-985A-0FBC0F987799}\ not found.
Prefs.js: "webwebweb" removed from browser.search.defaultenginename
Prefs.js: "webwebweb" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://atlas.centrum.cz/?utm_source=ch- ... paign=home" removed from browser.startup.homepage
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-11.xml not found.
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-12.xml not found.
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-13.xml not found.
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-14.xml not found.
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-15.xml not found.
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-16.xml not found.
File C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\winamp-search.xml not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File/Folder C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\WINDOWS\Installer\*.tmp not found.
File \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip not found.
File \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen1.zip not found.
File \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip not found.
File \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen3.zip not found.
File \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen4.zip not found.
File \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen5.zip not found.
Unable to delete ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADECBED6-0366-4377-A739-E69DFBA04663}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADECBED6-0366-4377-A739-E69DFBA04663}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11052013_111832

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cerman
Visitor
Posts: 104
Joined: 03 Nov 2013 11:16

Re: Win32Load Money

#39 Post by cerman »

I apologize, but I probably made some mistake when pasting the log: when I pressed Ctrl+V the log disappeared, so I repeated the test twice, and the log I pasted is from the third test. So if I messed something up, I am sorry, but I am probably just a dumb pensioner by now and a complete amateur as a PC user. I admire you and cannot thank you enough. Cerman

cerman
Visitor
Posts: 104
Joined: 03 Nov 2013 11:16

Re: Win32Load Money

#40 Post by cerman »

I found a folder with what is probably the first log, the one that disappeared when I pressed Ctrl+V. If I had thought more, I probably would not have run the test 3 times. But what I did wrong when pasting the log, I really have no idea.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: CiMRMEN
->Temp folder emptied: 739729 bytes
->Temporary Internet Files folder emptied: 6566628 bytes
->Java cache emptied: 66100998 bytes
->FireFox cache emptied: 421023669 bytes
->Google Chrome cache emptied: 2015470 bytes
->Flash cache emptied: 2471 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 56386 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 15947108 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 73955584 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109080 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 559,00 mb


[EMPTYFLASH]

User: All Users

User: CiMRMEN
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service Guard.Mail.ru stopped successfully!
Service Guard.Mail.ru deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Nero BackItUp Scheduler 3 stopped successfully!
Service Nero BackItUp Scheduler 3 deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service gupdate1c988feda0cfdc8 stopped successfully!
Service gupdate1c988feda0cfdc8 deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\HPpromotions journeysoftware.job moved successfully.
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1220945662-1343024091-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{E85323D5-AFDC-40F7-985A-0FBC0F987799}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E85323D5-AFDC-40F7-985A-0FBC0F987799}\ not found.
Prefs.js: "webwebweb" removed from browser.search.defaultenginename
Prefs.js: "webwebweb" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://atlas.centrum.cz/?utm_source=ch- ... paign=home" removed from browser.startup.homepage
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\CiMRMEN\Data aplikací\Mozilla\Firefox\Profiles\6e14nv1k.default\searchplugins\winamp-search.xml moved successfully.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP179.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1991.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3BB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP55A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP637.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP65D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP672.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP70A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB80.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE5B.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI221.tmp deleted successfully.
C:\WINDOWS\Installer\MSI233.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2CB.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2DD.tmp deleted successfully.
\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen.zip moved successfully.
\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen1.zip moved successfully.
\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip moved successfully.
\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen3.zip moved successfully.
\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen4.zip moved successfully.
\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloadergen5.zip moved successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D9C17C6-093D-43E5-BF3D-4A13D162AB74}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ADECBED6-0366-4377-A739-E69DFBA04663}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ADECBED6-0366-4377-A739-E69DFBA04663}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 11052013_104313

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win32Load Money

#41 Post by Márty84 »

The program did what it was supposed to :)


:arrow: Rename ComboFix to Uninstall and run it. CF should uninstall itself.

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download it and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click the CleanUp label and then OK - after the cleanup the PC will restart.

:arrow: Download TFC http://oldtimer.geekstogo.com/TFC.exe , save it and run it.
Click START and then OK - after the cleanup the PC will restart.
After use you can delete the program.

:arrow: Download CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launching you will be in the Cleaner function. On the left there are a lot of checkboxes. Watch out mainly for the Recycle Bin; if you leave it ticked, it will always be emptied.
Also, depending on how it is set, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Find problems; when it finds some, click Fix problems. It will offer you a backup; make it and save it so that you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!

:arrow: Defragment the disk(s)
Download the Defraggler program http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar.
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you are waiting a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

cerman
Visitor
Posts: 104
Registered: 03 Nov 2013 11:16

Re: Win32Load Money

#42 Post by cerman »

Good day, thank you for the time you have devoted to me. I am self-taught with PCs; when I graduated from VŠB HGF in 1968 and became a mining engineer, there were not even calculators in today's sense of the word. In 1978 I completed a postgraduate course at VUT in Brno focused on computing. But that was only because my bosses recommended it to me as part of some kind of evaluation and thought I would give up on it, so that they would have an unfulfilled task from me and a minus in my personnel file. And when I retired in 2001, the best PCs belonged to the secretaries, so that they could type on them instead of on a typewriter. I use some of the recommended programs regularly (CCleaner and Defraggler), so I will do the defragmentation when I shut the PC down. The PC already seemed fine to me on Sunday; now it will probably be a bit snappier. If you write to me how badly infected my PC seemed to you, I will be glad. Otherwise I wish you nothing but pleasant and successful days in Ostrava (and I will hardly ever be able to repay your help). Cerman

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win32Load Money

#43 Post by Márty84 »

Well, there was some little bug in there, and otherwise the traditional slowdowns and unnecessary stuff :)

You don't have to repay me anything :D

So is everything all right and can we close the topic?

cerman
Visitor
Posts: 104
Registered: 03 Nov 2013 11:16

Re: Win32Load Money

#44 Post by cerman »

Good day, I think everything is OK. I wish you pleasant and successful days, Cerman

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win32Load Money

#45 Post by Márty84 »

Fine :)

Thank you! :worship: You too :thumbsup:

Take care and maybe see you again some time :bye:

:closed:

Locked