Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:31, on 8.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [supertintin_skype] C:\Program Files\SuperTintin for Skype\supertintin_skype.exe /start_context sys_auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\webcamXP 5\wService.exe
--
End of file - 5511 bytes
Please check my log... Solved
- jaro3
- Security team member
Re: Please check my log...
Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Folder::
c:\program files\Skype\Update
Driver::
sptd
SkypeUpdate
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again. If that does not help, press the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears about the option to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log...
ComboFix 14-01-04.03 - Adam 09.01.2014 1:06.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1380 [GMT 1:00]
Spuštěný z: c:\documents and settings\Adam\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Adam\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-09 do 2014-01-09 )))))))))))))))))))))))))))))))
.
.
2014-01-06 15:33 . 2014-01-07 16:08 -------- d-----w- c:\program files\HD Tune
2014-01-05 22:40 . 2014-01-05 22:41 -------- d-----w- c:\documents and settings\Administrator
2014-01-04 11:27 . 2014-01-04 11:27 -------- d-----w- c:\program files\CPUID
2014-01-04 08:24 . 2014-01-05 02:01 -------- d-----w- c:\windows\system32\XPSViewer
2014-01-04 08:23 . 2014-01-04 08:23 -------- d-----w- c:\program files\MSBuild
2014-01-04 08:23 . 2014-01-04 08:23 -------- d-----w- c:\program files\Reference Assemblies
2014-01-04 08:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2014-01-04 08:22 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2014-01-04 08:22 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2014-01-04 08:22 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2014-01-04 08:22 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2014-01-04 08:22 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2014-01-04 08:22 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2014-01-04 08:22 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2014-01-04 08:22 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2014-01-04 08:22 . 2014-01-04 08:23 -------- d-----w- C:\3d10d4f1585596fe347a17942648
2014-01-03 00:20 . 2014-01-03 00:20 -------- d-----w- c:\windows\ERUNT
2014-01-02 20:09 . 2014-01-02 23:23 -------- d-----w- C:\AdwCleaner
2014-01-02 18:03 . 2014-01-02 18:03 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Malwarebytes
2014-01-02 18:02 . 2014-01-02 18:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-01-02 18:02 . 2014-01-02 18:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-02 18:02 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-02 17:34 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-02 17:25 . 2014-01-02 17:25 -------- d-----w- c:\program files\Microsoft.NET
2014-01-01 22:18 . 2014-01-01 22:18 -------- d-----w- c:\program files\Common Files\Adobe
2014-01-01 22:03 . 2014-01-01 22:03 388096 ----a-r- c:\documents and settings\Adam\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-01 22:03 . 2014-01-01 22:03 -------- d-----w- c:\program files\Trend Micro
2014-01-01 21:50 . 2014-01-02 18:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-01-01 14:17 . 2014-01-02 18:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Package Cache
2014-01-01 09:31 . 2014-01-01 09:31 -------- d-----w- C:\KMPlayer
2014-01-01 00:13 . 2014-01-06 21:50 -------- d-----w- C:\FFOutput
2013-12-31 22:17 . 2013-12-31 22:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2013-12-31 21:05 . 2014-01-08 17:28 -------- d-----w- c:\program files\The KMPlayer
2013-12-30 21:14 . 2013-12-31 01:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\webcamXP 5
2013-12-30 21:13 . 2013-12-30 21:14 -------- d-----w- c:\program files\webcamXP 5
2013-12-30 20:46 . 2013-12-30 20:46 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2013-12-30 16:02 . 2013-12-30 16:02 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Zoner
2013-12-30 16:01 . 2013-12-30 16:02 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Zoner
2013-12-28 16:08 . 2013-12-29 09:04 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Temp
2013-12-28 16:08 . 2013-12-29 09:04 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Facebook
2013-12-27 06:23 . 2014-01-09 00:08 -------- d-----w- c:\documents and settings\Adam\Data aplikací\DMCache
2013-12-27 06:23 . 2014-01-08 17:35 -------- d-----w- c:\documents and settings\Adam\Data aplikací\IDM
2013-12-27 06:23 . 2013-12-27 06:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IDM
2013-12-27 06:23 . 2013-12-28 23:11 -------- d-----w- c:\program files\Internet Download Manager
2013-12-24 08:06 . 2010-06-08 16:36 204800 ----a-w- c:\windows\system32\mp4demux.dll
2013-12-24 08:06 . 2012-05-30 21:43 622592 ----a-w- c:\windows\system32\mmaacd.ax
2013-12-24 08:06 . 2011-10-04 16:12 352256 ----a-w- c:\windows\system32\lame.ax
2013-12-24 08:06 . 2009-05-08 23:42 629760 ----a-w- c:\windows\system32\DivXDecH264.ax
2013-12-24 08:06 . 2013-12-24 08:06 -------- d-----w- c:\program files\SuperTintin for Skype
2013-12-23 17:17 . 2013-12-23 17:18 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Marine Aquarium 3
2013-12-23 17:17 . 2013-12-23 17:17 -------- d-----w- c:\program files\SereneScreen
2013-12-23 17:17 . 2009-09-28 12:06 6565888 ----a-w- c:\windows\system32\MarineAquarium3.scr
2013-12-18 19:04 . 2001-09-05 03:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-12-18 19:04 . 2001-09-05 03:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-12-18 19:04 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-12-18 19:04 . 2001-09-05 03:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-12-18 19:04 . 2001-09-05 03:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-12-16 16:55 . 2008-04-14 07:52 28672 ----a-w- c:\windows\system32\vidcap.ax
2013-12-16 16:55 . 2013-07-17 00:58 123008 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
2013-12-16 16:55 . 2013-07-17 00:58 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-16 16:55 . 2008-04-14 07:52 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2013-12-16 16:55 . 2008-04-14 07:52 61952 ----a-w- c:\windows\system32\kstvtune.ax
2013-12-16 16:55 . 2008-04-14 07:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2013-12-16 16:55 . 2008-04-14 07:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2013-12-16 16:55 . 2008-04-14 07:52 43008 ----a-w- c:\windows\system32\ksxbar.ax
2013-12-16 16:55 . 2008-04-14 07:52 20992 ----a-w- c:\windows\system32\dshowext.ax
2013-12-16 13:46 . 2013-12-16 13:46 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Maxthon3
2013-12-16 13:45 . 2013-12-16 13:46 -------- d-----w- c:\program files\Maxthon
2013-12-16 12:26 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Ashampoo
2013-12-16 12:26 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\ashampoo
2013-12-16 12:25 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ashampoo
2013-12-16 12:25 . 2013-12-16 12:25 -------- d-----w- c:\program files\Ashampoo
2013-12-14 03:42 . 2013-12-14 03:42 -------- d-----w- c:\documents and settings\Adam\Data aplikací\ElevatedDiagnostics
2013-12-14 01:01 . 2013-12-14 01:01 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-12-13 23:46 . 2013-12-24 23:45 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\WMTools Downloaded Files
2013-12-13 15:46 . 2013-12-13 15:46 -------- d-sh--w- c:\documents and settings\Adam\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-07 11:11 . 2014-01-03 21:57 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS.bak
2014-01-07 11:11 . 2014-01-03 21:57 18944 ----a-w- c:\windows\system32\drivers\wpdusb.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 4352 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 34560 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 81664 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 58112 ----a-w- c:\windows\system32\drivers\vdmindvd.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 52480 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 20992 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 26368 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-07 11:11 . 2014-01-03 21:57 26240 ----a-w- c:\windows\system32\drivers\usbser.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 20608 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 144128 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 59520 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30336 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15872 ----a-w- c:\windows\system32\drivers\usbintel.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 60160 ----a-w- c:\windows\system32\drivers\usbaudio.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 5376 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25728 ----a-w- c:\windows\system32\drivers\usbcamd2.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25600 ----a-w- c:\windows\system32\drivers\usbcamd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 384768 ----a-w- c:\windows\system32\drivers\update.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 66048 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 51712 ----a-w- c:\windows\system32\drivers\tosdvd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 40840 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 21376 ----a-w- c:\windows\system32\drivers\tsbvcap.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12288 ----a-w- c:\windows\system32\drivers\tunmp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 21896 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 19072 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12040 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 4352 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 14976 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 49408 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 73344 ----a-w- c:\windows\system32\drivers\sr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6272 ----a-w- c:\windows\system32\drivers\splitter.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 466008 ----a-w- c:\windows\system32\drivers\sptd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 357888 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25344 ----a-w- c:\windows\system32\drivers\sonydcam.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 14592 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11392 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11008 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 10240 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 64256 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15744 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11904 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 96384 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 79232 ----a-w- c:\windows\system32\drivers\sdbus.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6143592 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 5888 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 445696 ----a-w- c:\windows\system32\drivers\rt73.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30592 ----a-w- c:\windows\system32\drivers\rndismp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 203136 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\riodrv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 58496 ----a-w- c:\windows\system32\drivers\redbook.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 196224 ----a-w- c:\windows\system32\drivers\rdpdr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\rio8drv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 4224 ----a-w- c:\windows\system32\drivers\rdpcdd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 34432 ----a-w- c:\windows\system32\drivers\rawwan.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 175744 ----a-w- c:\windows\system32\drivers\rdbss.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 16512 ----a-w- c:\windows\system32\drivers\raspti.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 8832 ----a-w- c:\windows\system32\drivers\rasacd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 51328 ----a-w- c:\windows\system32\drivers\rasl2tp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 48384 ----a-w- c:\windows\system32\drivers\raspptp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 69120 ----a-w- c:\windows\system32\drivers\psched.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 39680 ----a-w- c:\windows\system32\drivers\processr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 17792 ----a-w- c:\windows\system32\drivers\ptilink.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 146048 ----a-w- c:\windows\system32\drivers\portcls.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 120064 ----a-w- c:\windows\system32\drivers\pcmcia.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 68736 ----a-w- c:\windows\system32\drivers\pci.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6784 ----a-w- c:\windows\system32\drivers\parvdm.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 3328 ----a-w- c:\windows\system32\drivers\pciide.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 24960 ----a-w- c:\windows\system32\drivers\pciidex.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 80000 ----a-w- c:\windows\system32\drivers\parport.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 46592 ----a-w- c:\windows\system32\drivers\p3.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 3456 ----a-w- c:\windows\system32\drivers\oprghdlr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 19712 ----a-w- c:\windows\system32\drivers\partmgr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 163584 ----a-w- c:\windows\system32\drivers\nwrdr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 88320 ----a-w- c:\windows\system32\drivers\nwlnkipx.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 63232 ----a-w- c:\windows\system32\drivers\nwlnknb.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 55936 ----a-w- c:\windows\system32\drivers\nwlnkspx.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 32512 ----a-w- c:\windows\system32\drivers\nwlnkfwd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12416 ----a-w- c:\windows\system32\drivers\nwlnkflt.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 574976 ----a-w- c:\windows\system32\drivers\ntfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 40320 ----a-w- c:\windows\system32\drivers\nmnt.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30848 ----a-w- c:\windows\system32\drivers\npfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 2944 ----a-w- c:\windows\system32\drivers\null.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\nikedrv.sys.bak
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-29 . 8A4209F4C57F1789974FE5D8DCFC25BB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-28 23:19 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supertintin_skype"="c:\program files\SuperTintin for Skype\supertintin_skype.exe" [2013-10-25 1555456]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-12-15 3821136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"RTHDCPL"="RTHDCPL.EXE" [2010-09-14 19576424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-28 3764024]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnk
backup=c:\windows\pss\Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL - Hinweise.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL - Hinweise.lnk
backup=c:\windows\pss\Moorhuhn 3 DL - Hinweise.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL deinstallieren.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL deinstallieren.lnk
backup=c:\windows\pss\Moorhuhn 3 DL deinstallieren.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL spielen.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL spielen.lnk
backup=c:\windows\pss\Moorhuhn 3 DL spielen.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^www.moorhuhn.de.url]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\www.moorhuhn.de.url
backup=c:\windows\pss\www.moorhuhn.de.urlCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-12-29 09:03 138096 ----atw- c:\documents and settings\Adam\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Documents and Settings\\Adam\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\webcamXP 5\\wLite.exe"=
"c:\\Program Files\\webcamXP 5\\wService.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [3.4.2013 9:35 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [3.4.2013 9:35 180248]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3.4.2013 9:09 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.4.2013 9:09 410528]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [4.10.2013 12:40 121184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.4.2013 9:35 67824]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2.1.2014 19:02 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2.1.2014 19:02 22856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 8:15 172192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.4.2013 12:46 1691480]
S3 wxpSvc;webcamXP Service;c:\program files\webcamXP 5\wService.exe [27.7.2011 20:58 5023744]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 20:42]
.
2014-01-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-04-03 23:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
FF - ProfilePath - c:\documents and settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-09 01:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
"ImagePath"="c:\program files\webcamXP 5\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1976)
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
.
Celkový čas: 2014-01-09 01:10:15
ComboFix-quarantined-files.txt 2014-01-09 00:10
ComboFix2.txt 2014-01-08 18:54
ComboFix3.txt 2014-01-05 22:11
ComboFix4.txt 2014-01-03 23:51
.
Před spuštěním: Volných bajtů: 12 043 087 872
Po spuštění: Volných bajtů: 12 049 485 824
.
- - End Of File - - 4402E90AE713FE05843CCD3C8535F7C4
413FC2A0C716421B3158746D63736515
Re: Please check the log...
ComboFix 14-01-04.03 - Adam 09.01.2014 1:06.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1380 [GMT 1:00]
Spuštěný z: c:\documents and settings\Adam\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Adam\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-09 do 2014-01-09 )))))))))))))))))))))))))))))))
.
.
2014-01-06 15:33 . 2014-01-07 16:08 -------- d-----w- c:\program files\HD Tune
2014-01-05 22:40 . 2014-01-05 22:41 -------- d-----w- c:\documents and settings\Administrator
2014-01-04 11:27 . 2014-01-04 11:27 -------- d-----w- c:\program files\CPUID
2014-01-04 08:24 . 2014-01-05 02:01 -------- d-----w- c:\windows\system32\XPSViewer
2014-01-04 08:23 . 2014-01-04 08:23 -------- d-----w- c:\program files\MSBuild
2014-01-04 08:23 . 2014-01-04 08:23 -------- d-----w- c:\program files\Reference Assemblies
2014-01-04 08:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2014-01-04 08:22 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2014-01-04 08:22 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2014-01-04 08:22 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2014-01-04 08:22 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2014-01-04 08:22 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2014-01-04 08:22 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2014-01-04 08:22 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2014-01-04 08:22 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2014-01-04 08:22 . 2014-01-04 08:23 -------- d-----w- C:\3d10d4f1585596fe347a17942648
2014-01-03 00:20 . 2014-01-03 00:20 -------- d-----w- c:\windows\ERUNT
2014-01-02 20:09 . 2014-01-02 23:23 -------- d-----w- C:\AdwCleaner
2014-01-02 18:03 . 2014-01-02 18:03 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Malwarebytes
2014-01-02 18:02 . 2014-01-02 18:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-01-02 18:02 . 2014-01-02 18:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-02 18:02 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-02 17:34 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-02 17:25 . 2014-01-02 17:25 -------- d-----w- c:\program files\Microsoft.NET
2014-01-01 22:18 . 2014-01-01 22:18 -------- d-----w- c:\program files\Common Files\Adobe
2014-01-01 22:03 . 2014-01-01 22:03 388096 ----a-r- c:\documents and settings\Adam\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-01 22:03 . 2014-01-01 22:03 -------- d-----w- c:\program files\Trend Micro
2014-01-01 21:50 . 2014-01-02 18:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-01-01 14:17 . 2014-01-02 18:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Package Cache
2014-01-01 09:31 . 2014-01-01 09:31 -------- d-----w- C:\KMPlayer
2014-01-01 00:13 . 2014-01-06 21:50 -------- d-----w- C:\FFOutput
2013-12-31 22:17 . 2013-12-31 22:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2013-12-31 21:05 . 2014-01-08 17:28 -------- d-----w- c:\program files\The KMPlayer
2013-12-30 21:14 . 2013-12-31 01:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\webcamXP 5
2013-12-30 21:13 . 2013-12-30 21:14 -------- d-----w- c:\program files\webcamXP 5
2013-12-30 20:46 . 2013-12-30 20:46 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2013-12-30 16:02 . 2013-12-30 16:02 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Zoner
2013-12-30 16:01 . 2013-12-30 16:02 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Zoner
2013-12-28 16:08 . 2013-12-29 09:04 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Temp
2013-12-28 16:08 . 2013-12-29 09:04 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Facebook
2013-12-27 06:23 . 2014-01-09 00:08 -------- d-----w- c:\documents and settings\Adam\Data aplikací\DMCache
2013-12-27 06:23 . 2014-01-08 17:35 -------- d-----w- c:\documents and settings\Adam\Data aplikací\IDM
2013-12-27 06:23 . 2013-12-27 06:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IDM
2013-12-27 06:23 . 2013-12-28 23:11 -------- d-----w- c:\program files\Internet Download Manager
2013-12-24 08:06 . 2010-06-08 16:36 204800 ----a-w- c:\windows\system32\mp4demux.dll
2013-12-24 08:06 . 2012-05-30 21:43 622592 ----a-w- c:\windows\system32\mmaacd.ax
2013-12-24 08:06 . 2011-10-04 16:12 352256 ----a-w- c:\windows\system32\lame.ax
2013-12-24 08:06 . 2009-05-08 23:42 629760 ----a-w- c:\windows\system32\DivXDecH264.ax
2013-12-24 08:06 . 2013-12-24 08:06 -------- d-----w- c:\program files\SuperTintin for Skype
2013-12-23 17:17 . 2013-12-23 17:18 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Marine Aquarium 3
2013-12-23 17:17 . 2013-12-23 17:17 -------- d-----w- c:\program files\SereneScreen
2013-12-23 17:17 . 2009-09-28 12:06 6565888 ----a-w- c:\windows\system32\MarineAquarium3.scr
2013-12-18 19:04 . 2001-09-05 03:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-12-18 19:04 . 2001-09-05 03:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-12-18 19:04 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-12-18 19:04 . 2001-09-05 03:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-12-18 19:04 . 2001-09-05 03:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-12-16 16:55 . 2008-04-14 07:52 28672 ----a-w- c:\windows\system32\vidcap.ax
2013-12-16 16:55 . 2013-07-17 00:58 123008 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
2013-12-16 16:55 . 2013-07-17 00:58 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-16 16:55 . 2008-04-14 07:52 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2013-12-16 16:55 . 2008-04-14 07:52 61952 ----a-w- c:\windows\system32\kstvtune.ax
2013-12-16 16:55 . 2008-04-14 07:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2013-12-16 16:55 . 2008-04-14 07:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2013-12-16 16:55 . 2008-04-14 07:52 43008 ----a-w- c:\windows\system32\ksxbar.ax
2013-12-16 16:55 . 2008-04-14 07:52 20992 ----a-w- c:\windows\system32\dshowext.ax
2013-12-16 13:46 . 2013-12-16 13:46 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Maxthon3
2013-12-16 13:45 . 2013-12-16 13:46 -------- d-----w- c:\program files\Maxthon
2013-12-16 12:26 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Ashampoo
2013-12-16 12:26 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\ashampoo
2013-12-16 12:25 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ashampoo
2013-12-16 12:25 . 2013-12-16 12:25 -------- d-----w- c:\program files\Ashampoo
2013-12-14 03:42 . 2013-12-14 03:42 -------- d-----w- c:\documents and settings\Adam\Data aplikací\ElevatedDiagnostics
2013-12-14 01:01 . 2013-12-14 01:01 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-12-13 23:46 . 2013-12-24 23:45 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\WMTools Downloaded Files
2013-12-13 15:46 . 2013-12-13 15:46 -------- d-sh--w- c:\documents and settings\Adam\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-07 11:11 . 2014-01-03 21:57 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS.bak
2014-01-07 11:11 . 2014-01-03 21:57 18944 ----a-w- c:\windows\system32\drivers\wpdusb.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 4352 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 34560 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 81664 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 58112 ----a-w- c:\windows\system32\drivers\vdmindvd.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 52480 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 20992 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 26368 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-07 11:11 . 2014-01-03 21:57 26240 ----a-w- c:\windows\system32\drivers\usbser.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 20608 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 144128 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 59520 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30336 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15872 ----a-w- c:\windows\system32\drivers\usbintel.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 60160 ----a-w- c:\windows\system32\drivers\usbaudio.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 5376 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25728 ----a-w- c:\windows\system32\drivers\usbcamd2.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25600 ----a-w- c:\windows\system32\drivers\usbcamd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 384768 ----a-w- c:\windows\system32\drivers\update.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 66048 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 51712 ----a-w- c:\windows\system32\drivers\tosdvd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 40840 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 21376 ----a-w- c:\windows\system32\drivers\tsbvcap.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12288 ----a-w- c:\windows\system32\drivers\tunmp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 21896 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 19072 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12040 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 4352 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 14976 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 49408 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 73344 ----a-w- c:\windows\system32\drivers\sr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6272 ----a-w- c:\windows\system32\drivers\splitter.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 466008 ----a-w- c:\windows\system32\drivers\sptd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 357888 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25344 ----a-w- c:\windows\system32\drivers\sonydcam.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 14592 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11392 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11008 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 10240 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 64256 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15744 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11904 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 96384 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 79232 ----a-w- c:\windows\system32\drivers\sdbus.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6143592 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 5888 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 445696 ----a-w- c:\windows\system32\drivers\rt73.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30592 ----a-w- c:\windows\system32\drivers\rndismp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 203136 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\riodrv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 58496 ----a-w- c:\windows\system32\drivers\redbook.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 196224 ----a-w- c:\windows\system32\drivers\rdpdr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\rio8drv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 4224 ----a-w- c:\windows\system32\drivers\rdpcdd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 34432 ----a-w- c:\windows\system32\drivers\rawwan.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 175744 ----a-w- c:\windows\system32\drivers\rdbss.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 16512 ----a-w- c:\windows\system32\drivers\raspti.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 8832 ----a-w- c:\windows\system32\drivers\rasacd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 51328 ----a-w- c:\windows\system32\drivers\rasl2tp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 48384 ----a-w- c:\windows\system32\drivers\raspptp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 69120 ----a-w- c:\windows\system32\drivers\psched.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 39680 ----a-w- c:\windows\system32\drivers\processr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 17792 ----a-w- c:\windows\system32\drivers\ptilink.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 146048 ----a-w- c:\windows\system32\drivers\portcls.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 120064 ----a-w- c:\windows\system32\drivers\pcmcia.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 68736 ----a-w- c:\windows\system32\drivers\pci.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6784 ----a-w- c:\windows\system32\drivers\parvdm.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 3328 ----a-w- c:\windows\system32\drivers\pciide.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 24960 ----a-w- c:\windows\system32\drivers\pciidex.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 80000 ----a-w- c:\windows\system32\drivers\parport.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 46592 ----a-w- c:\windows\system32\drivers\p3.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 3456 ----a-w- c:\windows\system32\drivers\oprghdlr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 19712 ----a-w- c:\windows\system32\drivers\partmgr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 163584 ----a-w- c:\windows\system32\drivers\nwrdr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 88320 ----a-w- c:\windows\system32\drivers\nwlnkipx.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 63232 ----a-w- c:\windows\system32\drivers\nwlnknb.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 55936 ----a-w- c:\windows\system32\drivers\nwlnkspx.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 32512 ----a-w- c:\windows\system32\drivers\nwlnkfwd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12416 ----a-w- c:\windows\system32\drivers\nwlnkflt.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 574976 ----a-w- c:\windows\system32\drivers\ntfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 40320 ----a-w- c:\windows\system32\drivers\nmnt.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30848 ----a-w- c:\windows\system32\drivers\npfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 2944 ----a-w- c:\windows\system32\drivers\null.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\nikedrv.sys.bak
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-29 . 8A4209F4C57F1789974FE5D8DCFC25BB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-28 23:19 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supertintin_skype"="c:\program files\SuperTintin for Skype\supertintin_skype.exe" [2013-10-25 1555456]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-12-15 3821136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"RTHDCPL"="RTHDCPL.EXE" [2010-09-14 19576424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-28 3764024]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnk
backup=c:\windows\pss\Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL - Hinweise.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL - Hinweise.lnk
backup=c:\windows\pss\Moorhuhn 3 DL - Hinweise.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL deinstallieren.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL deinstallieren.lnk
backup=c:\windows\pss\Moorhuhn 3 DL deinstallieren.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL spielen.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL spielen.lnk
backup=c:\windows\pss\Moorhuhn 3 DL spielen.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^www.moorhuhn.de.url]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\www.moorhuhn.de.url
backup=c:\windows\pss\www.moorhuhn.de.urlCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-12-29 09:03 138096 ----atw- c:\documents and settings\Adam\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Documents and Settings\\Adam\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\webcamXP 5\\wLite.exe"=
"c:\\Program Files\\webcamXP 5\\wService.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [3.4.2013 9:35 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [3.4.2013 9:35 180248]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3.4.2013 9:09 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.4.2013 9:09 410528]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [4.10.2013 12:40 121184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.4.2013 9:35 67824]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2.1.2014 19:02 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2.1.2014 19:02 22856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 8:15 172192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.4.2013 12:46 1691480]
S3 wxpSvc;webcamXP Service;c:\program files\webcamXP 5\wService.exe [27.7.2011 20:58 5023744]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 20:42]
.
2014-01-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-04-03 23:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
FF - ProfilePath - c:\documents and settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-09 01:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
"ImagePath"="c:\program files\webcamXP 5\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1976)
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
.
Celkový čas: 2014-01-09 01:10:15
ComboFix-quarantined-files.txt 2014-01-09 00:10
ComboFix2.txt 2014-01-08 18:54
ComboFix3.txt 2014-01-05 22:11
ComboFix4.txt 2014-01-03 23:51
.
Před spuštěním: Volných bajtů: 12 043 087 872
Po spuštění: Volných bajtů: 12 049 485 824
.
- - End Of File - - 4402E90AE713FE05843CCD3C8535F7C4
413FC2A0C716421B3158746D63736515
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1380 [GMT 1:00]
Spuštěný z: c:\documents and settings\Adam\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Adam\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-12-09 do 2014-01-09 )))))))))))))))))))))))))))))))
.
.
2014-01-06 15:33 . 2014-01-07 16:08 -------- d-----w- c:\program files\HD Tune
2014-01-05 22:40 . 2014-01-05 22:41 -------- d-----w- c:\documents and settings\Administrator
2014-01-04 11:27 . 2014-01-04 11:27 -------- d-----w- c:\program files\CPUID
2014-01-04 08:24 . 2014-01-05 02:01 -------- d-----w- c:\windows\system32\XPSViewer
2014-01-04 08:23 . 2014-01-04 08:23 -------- d-----w- c:\program files\MSBuild
2014-01-04 08:23 . 2014-01-04 08:23 -------- d-----w- c:\program files\Reference Assemblies
2014-01-04 08:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2014-01-04 08:22 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2014-01-04 08:22 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2014-01-04 08:22 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2014-01-04 08:22 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2014-01-04 08:22 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2014-01-04 08:22 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2014-01-04 08:22 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2014-01-04 08:22 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2014-01-04 08:22 . 2014-01-04 08:23 -------- d-----w- C:\3d10d4f1585596fe347a17942648
2014-01-03 00:20 . 2014-01-03 00:20 -------- d-----w- c:\windows\ERUNT
2014-01-02 20:09 . 2014-01-02 23:23 -------- d-----w- C:\AdwCleaner
2014-01-02 18:03 . 2014-01-02 18:03 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Malwarebytes
2014-01-02 18:02 . 2014-01-02 18:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-01-02 18:02 . 2014-01-02 18:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-02 18:02 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-02 17:34 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-01-02 17:25 . 2014-01-02 17:25 -------- d-----w- c:\program files\Microsoft.NET
2014-01-01 22:18 . 2014-01-01 22:18 -------- d-----w- c:\program files\Common Files\Adobe
2014-01-01 22:03 . 2014-01-01 22:03 388096 ----a-r- c:\documents and settings\Adam\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-01 22:03 . 2014-01-01 22:03 -------- d-----w- c:\program files\Trend Micro
2014-01-01 21:50 . 2014-01-02 18:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2014-01-01 14:17 . 2014-01-02 18:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Package Cache
2014-01-01 09:31 . 2014-01-01 09:31 -------- d-----w- C:\KMPlayer
2014-01-01 00:13 . 2014-01-06 21:50 -------- d-----w- C:\FFOutput
2013-12-31 22:17 . 2013-12-31 22:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2013-12-31 21:05 . 2014-01-08 17:28 -------- d-----w- c:\program files\The KMPlayer
2013-12-30 21:14 . 2013-12-31 01:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\webcamXP 5
2013-12-30 21:13 . 2013-12-30 21:14 -------- d-----w- c:\program files\webcamXP 5
2013-12-30 20:46 . 2013-12-30 20:46 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2013-12-30 16:02 . 2013-12-30 16:02 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Zoner
2013-12-30 16:01 . 2013-12-30 16:02 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Zoner
2013-12-28 16:08 . 2013-12-29 09:04 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Temp
2013-12-28 16:08 . 2013-12-29 09:04 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\Facebook
2013-12-27 06:23 . 2014-01-09 00:08 -------- d-----w- c:\documents and settings\Adam\Data aplikací\DMCache
2013-12-27 06:23 . 2014-01-08 17:35 -------- d-----w- c:\documents and settings\Adam\Data aplikací\IDM
2013-12-27 06:23 . 2013-12-27 06:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IDM
2013-12-27 06:23 . 2013-12-28 23:11 -------- d-----w- c:\program files\Internet Download Manager
2013-12-24 08:06 . 2010-06-08 16:36 204800 ----a-w- c:\windows\system32\mp4demux.dll
2013-12-24 08:06 . 2012-05-30 21:43 622592 ----a-w- c:\windows\system32\mmaacd.ax
2013-12-24 08:06 . 2011-10-04 16:12 352256 ----a-w- c:\windows\system32\lame.ax
2013-12-24 08:06 . 2009-05-08 23:42 629760 ----a-w- c:\windows\system32\DivXDecH264.ax
2013-12-24 08:06 . 2013-12-24 08:06 -------- d-----w- c:\program files\SuperTintin for Skype
2013-12-23 17:17 . 2013-12-23 17:18 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Marine Aquarium 3
2013-12-23 17:17 . 2013-12-23 17:17 -------- d-----w- c:\program files\SereneScreen
2013-12-23 17:17 . 2009-09-28 12:06 6565888 ----a-w- c:\windows\system32\MarineAquarium3.scr
2013-12-18 19:04 . 2001-09-05 03:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-12-18 19:04 . 2001-09-05 03:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-12-18 19:04 . 2001-09-05 03:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-12-18 19:04 . 2001-09-05 03:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-12-18 19:04 . 2001-09-05 03:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-12-16 16:55 . 2008-04-14 07:52 28672 ----a-w- c:\windows\system32\vidcap.ax
2013-12-16 16:55 . 2013-07-17 00:58 123008 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
2013-12-16 16:55 . 2013-07-17 00:58 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2013-12-16 16:55 . 2008-04-14 07:52 91648 ----a-w- c:\windows\system32\kswdmcap.ax
2013-12-16 16:55 . 2008-04-14 07:52 61952 ----a-w- c:\windows\system32\kstvtune.ax
2013-12-16 16:55 . 2008-04-14 07:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2013-12-16 16:55 . 2008-04-14 07:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2013-12-16 16:55 . 2008-04-14 07:52 43008 ----a-w- c:\windows\system32\ksxbar.ax
2013-12-16 16:55 . 2008-04-14 07:52 20992 ----a-w- c:\windows\system32\dshowext.ax
2013-12-16 13:46 . 2013-12-16 13:46 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Maxthon3
2013-12-16 13:45 . 2013-12-16 13:46 -------- d-----w- c:\program files\Maxthon
2013-12-16 12:26 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\Adam\Data aplikací\Ashampoo
2013-12-16 12:26 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\ashampoo
2013-12-16 12:25 . 2013-12-16 12:26 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ashampoo
2013-12-16 12:25 . 2013-12-16 12:25 -------- d-----w- c:\program files\Ashampoo
2013-12-14 03:42 . 2013-12-14 03:42 -------- d-----w- c:\documents and settings\Adam\Data aplikací\ElevatedDiagnostics
2013-12-14 01:01 . 2013-12-14 01:01 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-12-13 23:46 . 2013-12-24 23:45 -------- d-----w- c:\documents and settings\Adam\Local Settings\Data aplikací\WMTools Downloaded Files
2013-12-13 15:46 . 2013-12-13 15:46 -------- d-sh--w- c:\documents and settings\Adam\IECompatCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-07 11:11 . 2014-01-03 21:57 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS.bak
2014-01-07 11:11 . 2014-01-03 21:57 18944 ----a-w- c:\windows\system32\drivers\wpdusb.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 4352 ----a-w- c:\windows\system32\drivers\wmilib.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 34560 ----a-w- c:\windows\system32\drivers\wanarp.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 81664 ----a-w- c:\windows\system32\drivers\videoprt.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 58112 ----a-w- c:\windows\system32\drivers\vdmindvd.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 52480 ----a-w- c:\windows\system32\drivers\volsnap.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 20992 ----a-w- c:\windows\system32\drivers\vga.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 26368 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS.bak
2014-01-07 11:11 . 2014-01-03 21:57 26240 ----a-w- c:\windows\system32\drivers\usbser.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 20608 ----a-w- c:\windows\system32\drivers\usbuhci.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 144128 ----a-w- c:\windows\system32\drivers\usbport.sys.bak
2014-01-07 11:11 . 2014-01-03 21:57 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 59520 ----a-w- c:\windows\system32\drivers\usbhub.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30336 ----a-w- c:\windows\system32\drivers\usbehci.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15872 ----a-w- c:\windows\system32\drivers\usbintel.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 60160 ----a-w- c:\windows\system32\drivers\usbaudio.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 5376 ----a-w- c:\windows\system32\drivers\usbd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25728 ----a-w- c:\windows\system32\drivers\usbcamd2.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25600 ----a-w- c:\windows\system32\drivers\usbcamd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 384768 ----a-w- c:\windows\system32\drivers\update.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 66048 ----a-w- c:\windows\system32\drivers\udfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 51712 ----a-w- c:\windows\system32\drivers\tosdvd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 40840 ----a-w- c:\windows\system32\drivers\termdd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 21376 ----a-w- c:\windows\system32\drivers\tsbvcap.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12288 ----a-w- c:\windows\system32\drivers\tunmp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 21896 ----a-w- c:\windows\system32\drivers\tdtcp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 19072 ----a-w- c:\windows\system32\drivers\tdi.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12040 ----a-w- c:\windows\system32\drivers\tdpipe.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 4352 ----a-w- c:\windows\system32\drivers\swenum.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 14976 ----a-w- c:\windows\system32\drivers\tape.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 49408 ----a-w- c:\windows\system32\drivers\stream.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 73344 ----a-w- c:\windows\system32\drivers\sr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6272 ----a-w- c:\windows\system32\drivers\splitter.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 466008 ----a-w- c:\windows\system32\drivers\sptd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 357888 ----a-w- c:\windows\system32\drivers\srv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 25344 ----a-w- c:\windows\system32\drivers\sonydcam.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 14592 ----a-w- c:\windows\system32\drivers\smclib.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11392 ----a-w- c:\windows\system32\drivers\sfloppy.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11008 ----a-w- c:\windows\system32\drivers\sffp_sd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 10240 ----a-w- c:\windows\system32\drivers\sffp_mmc.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 64256 ----a-w- c:\windows\system32\drivers\serial.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 15744 ----a-w- c:\windows\system32\drivers\serenum.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 11904 ----a-w- c:\windows\system32\drivers\sffdisk.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 96384 ----a-w- c:\windows\system32\drivers\scsiport.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 79232 ----a-w- c:\windows\system32\drivers\sdbus.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6143592 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 5888 ----a-w- c:\windows\system32\drivers\rootmdm.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 445696 ----a-w- c:\windows\system32\drivers\rt73.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30592 ----a-w- c:\windows\system32\drivers\rndismp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 203136 ----a-w- c:\windows\system32\drivers\rmcast.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\riodrv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 58496 ----a-w- c:\windows\system32\drivers\redbook.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 196224 ----a-w- c:\windows\system32\drivers\rdpdr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\rio8drv.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 4224 ----a-w- c:\windows\system32\drivers\rdpcdd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 34432 ----a-w- c:\windows\system32\drivers\rawwan.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 175744 ----a-w- c:\windows\system32\drivers\rdbss.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 16512 ----a-w- c:\windows\system32\drivers\raspti.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 8832 ----a-w- c:\windows\system32\drivers\rasacd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 51328 ----a-w- c:\windows\system32\drivers\rasl2tp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 48384 ----a-w- c:\windows\system32\drivers\raspptp.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 41472 ----a-w- c:\windows\system32\drivers\raspppoe.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 69120 ----a-w- c:\windows\system32\drivers\psched.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 39680 ----a-w- c:\windows\system32\drivers\processr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 17792 ----a-w- c:\windows\system32\drivers\ptilink.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 146048 ----a-w- c:\windows\system32\drivers\portcls.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 120064 ----a-w- c:\windows\system32\drivers\pcmcia.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 68736 ----a-w- c:\windows\system32\drivers\pci.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 6784 ----a-w- c:\windows\system32\drivers\parvdm.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 3328 ----a-w- c:\windows\system32\drivers\pciide.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 24960 ----a-w- c:\windows\system32\drivers\pciidex.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 80000 ----a-w- c:\windows\system32\drivers\parport.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 46592 ----a-w- c:\windows\system32\drivers\p3.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 3456 ----a-w- c:\windows\system32\drivers\oprghdlr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 19712 ----a-w- c:\windows\system32\drivers\partmgr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 163584 ----a-w- c:\windows\system32\drivers\nwrdr.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 88320 ----a-w- c:\windows\system32\drivers\nwlnkipx.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 63232 ----a-w- c:\windows\system32\drivers\nwlnknb.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 55936 ----a-w- c:\windows\system32\drivers\nwlnkspx.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 32512 ----a-w- c:\windows\system32\drivers\nwlnkfwd.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12416 ----a-w- c:\windows\system32\drivers\nwlnkflt.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 574976 ----a-w- c:\windows\system32\drivers\ntfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 40320 ----a-w- c:\windows\system32\drivers\nmnt.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 30848 ----a-w- c:\windows\system32\drivers\npfs.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 2944 ----a-w- c:\windows\system32\drivers\null.sys.bak
2014-01-07 11:10 . 2014-01-03 21:57 12032 ----a-w- c:\windows\system32\drivers\nikedrv.sys.bak
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-29 . 8A4209F4C57F1789974FE5D8DCFC25BB . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-12-28 23:19 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 21904 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supertintin_skype"="c:\program files\SuperTintin for Skype\supertintin_skype.exe" [2013-10-25 1555456]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2013-12-15 3821136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"RTHDCPL"="RTHDCPL.EXE" [2010-09-14 19576424]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-12-28 3764024]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnk
backup=c:\windows\pss\Moorhuhn 3 DL - Fragen & Antworten (FAQ).lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL - Hinweise.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL - Hinweise.lnk
backup=c:\windows\pss\Moorhuhn 3 DL - Hinweise.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL deinstallieren.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL deinstallieren.lnk
backup=c:\windows\pss\Moorhuhn 3 DL deinstallieren.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Moorhuhn 3 DL spielen.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Moorhuhn 3 DL spielen.lnk
backup=c:\windows\pss\Moorhuhn 3 DL spielen.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^www.moorhuhn.de.url]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\www.moorhuhn.de.url
backup=c:\windows\pss\www.moorhuhn.de.urlCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2013-12-29 09:03 138096 ----atw- c:\documents and settings\Adam\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ERSvc"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Maxthon\\Bin\\MxUp.exe"=
"c:\\Program Files\\Maxthon\\Bin\\Maxthon.exe"=
"c:\\Documents and Settings\\Adam\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\webcamXP 5\\wLite.exe"=
"c:\\Program Files\\webcamXP 5\\wService.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\Program Files\\Internet Download Manager\\IDMan.exe"=
"c:\\Program Files\\Return to Castle Wolfenstein\\WolfMP.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [3.4.2013 9:35 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [3.4.2013 9:35 180248]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [3.4.2013 9:09 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.4.2013 9:09 410528]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [4.10.2013 12:40 121184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.4.2013 9:35 67824]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2.1.2014 19:02 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2.1.2014 19:02 22856]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [23.10.2013 8:15 172192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.4.2013 12:46 1691480]
S3 wxpSvc;webcamXP Service;c:\program files\webcamXP 5\wService.exe [27.7.2011 20:58 5023744]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 20:42]
.
2014-01-06 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-04-03 23:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
FF - ProfilePath - c:\documents and settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-01-09 01:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
"ImagePath"="c:\program files\webcamXP 5\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrueSight]
"ImagePath"="\??\"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1976)
c:\program files\Internet Download Manager\IDMShellExt.dll
c:\program files\Internet Download Manager\IDMNetMon.DLL
c:\windows\system32\webcheck.dll
.
Celkový čas: 2014-01-09 01:10:15
ComboFix-quarantined-files.txt 2014-01-09 00:10
ComboFix2.txt 2014-01-08 18:54
ComboFix3.txt 2014-01-05 22:11
ComboFix4.txt 2014-01-03 23:51
.
Před spuštěním: Volných bajtů: 12 043 087 872
Po spuštění: Volných bajtů: 12 049 485 824
.
- - End Of File - - 4402E90AE713FE05843CCD3C8535F7C4
413FC2A0C716421B3158746D63736515
Re: Please check my log...
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-09 01:20:18
-----------------------------
01:20:18.625 OS Version: Windows 5.1.2600 Service Pack 3
01:20:18.625 Number of processors: 1 586 0xE08
01:20:18.625 ComputerName: STANDA UserName: Adam
01:20:19.953 Initialize success
01:20:25.312 AVAST engine defs: 14010800
01:20:28.375 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
01:20:28.375 Disk 0 Vendor: FUJITSU_MHW2040BH 00000012 Size: 38154MB BusType: 3
01:20:28.515 Disk 0 MBR read successfully
01:20:28.515 Disk 0 MBR scan
01:20:28.531 Disk 0 Windows XP default MBR code
01:20:28.531 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38146 MB offset 63
01:20:28.531 Disk 0 scanning sectors +78124095
01:20:28.562 Disk 0 scanning C:\WINDOWS\system32\drivers
01:20:56.640 Service scanning
01:21:16.312 Modules scanning
01:21:26.484 Disk 0 trace - called modules:
01:21:26.500 ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys pciide.sys
01:21:26.500 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89d72ab8]
01:21:27.015 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\0000006e[0x89e3a9e8]
01:21:27.015 5 ACPI.sys[b9e68620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-e[0x89db8d98]
01:21:28.156 AVAST engine scan C:\WINDOWS
01:21:33.609 AVAST engine scan C:\WINDOWS\system32
01:23:36.671 AVAST engine scan C:\WINDOWS\system32\drivers
01:24:10.828 AVAST engine scan C:\Documents and Settings\Adam
01:26:35.093 AVAST engine scan C:\Documents and Settings\All Users
01:27:02.671 Scan finished successfully
01:27:36.250 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Adam\Plocha\MBR.dat"
01:27:36.250 The log file has been saved successfully to "C:\Documents and Settings\Adam\Plocha\aswMBR.txt"
- jaro3
- Security team member
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: Please check my log...
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Post a new HJT log + info about the problems.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log...
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:36:59, on 9.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [supertintin_skype] C:\Program Files\SuperTintin for Skype\supertintin_skype.exe /start_context sys_auto
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files\webcamXP 5\wService.exe
--
End of file - 5388 bytes
Re: Please check my log...
There are no problems, only when browsing the internet my fan turns on and keeps cooling and cooling. In Task Manager, Mozilla is the one with the highest load.
- jaro3
Re: Please check my log...
Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick the "LOP" check and the "Purity" check. Click Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log...
OTL Extras logfile created on: 9.1.2014 21:27:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Adam\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,68% Memory free
3,84 Gb Paging File | 3,52 Gb Available in Paging File | 91,81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 13,80 Gb Free Space | 37,06% Space Free | Partition Type: NTFS
Computer Name: STANDA | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files\webcamXP 5\wLite.exe" = C:\Program Files\webcamXP 5\wLite.exe:*:Enabled:webcamXP -- (Moonware Studios)
"C:\Program Files\webcamXP 5\wService.exe" = C:\Program Files\webcamXP 5\wService.exe:*:Enabled:webcamXP Service -- (Moonware Studios)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"C:\WINDOWS\system32\dxdiag.exe" = C:\WINDOWS\system32\dxdiag.exe:*:Enabled:Microsoft DirectX Diagnostic Tool -- (Microsoft Corporation)
"C:\Program Files\Internet Download Manager\IDMan.exe" = C:\Program Files\Internet Download Manager\IDMan.exe:*:Enabled:Internet Download Manager -- (Tonec Inc.)
"C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe" = C:\Program Files\Return to Castle Wolfenstein\WolfMP.exe:*:Disabled:WolfMP
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7A8B5F7D-6736-4DC4-A7A5-223BE131EB34}" = AVG PC TuneUp 2014 (cs-CZ)
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.67.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FormatFactory" = FormatFactory 3.2.1.0
"HD Tune_is1" = HD Tune 2.55
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ie8" = Windows Internet Explorer 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"Internet Download Manager" = Internet Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"SereneScreen Marine Aquarium 3_is1" = SereneScreen Marine Aquarium 3
"SuperTintin Skype Video Call Recorder_is1" = SuperTintin 1.2.0.23
"The KMPlayer" = The KMPlayer (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"WinRAR archiver" = WinRAR
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 25.12.2013 7:00:20 | Computer Name = STANDA | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
wzcdlg.dll, verze 5.1.2600.5512, adresa chyby 0x000197cf.
Error - 25.12.2013 7:00:32 | Computer Name = STANDA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 25.12.2013 7:00:32 | Computer Name = STANDA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace explorer.exe, verze 6.0.2900.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 26.12.2013 8:01:07 | Computer Name = STANDA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 26.0.0.5087, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.12.2013 17:59:54 | Computer Name = STANDA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace GrLauncherTempSetup.exe, verze 2.2.56.5183, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
Error - 30.12.2013 20:08:05 | Computer Name = STANDA | Source = Google Update | ID = 20
Description =
Error - 2.1.2014 8:33:13 | Computer Name = STANDA | Source = Application Error | ID = 1000
Description = Chybující aplikace acrord32.exe, verze 11.0.0.379, chybující modul
msvcr100.dll, verze 10.0.40219.1, adresa chyby 0x00002008.
[ System Events ]
Error - 8.1.2014 14:22:50 | Computer Name = STANDA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 8.1.2014 14:23:26 | Computer Name = STANDA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 8.1.2014 14:33:08 | Computer Name = STANDA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 8.1.2014 14:33:12 | Computer Name = STANDA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby netman
s argumenty za účelem spuštění serveru: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
Error - 8.1.2014 14:33:51 | Computer Name = STANDA | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 8.1.2014 14:33:51 | Computer Name = STANDA | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31
Error - 8.1.2014 14:33:51 | Computer Name = STANDA | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31
Error - 8.1.2014 14:33:51 | Computer Name = STANDA | Source = Service Control Manager | ID = 7001
Description = Služba IPSEC Services závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31
Error - 8.1.2014 14:33:51 | Computer Name = STANDA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm Fips intelppm IPSec MRxSmb NetBIOS
NetBT
RasAcd
Rdbss
Tcpip
WS2IFSL
Error - 8.1.2014 14:48:14 | Computer Name = STANDA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}
< End of report >
Re: Please check my log...
The OTL log could not be pasted, it had too many characters. And one more thing: I uninstalled this, I don't even know where it came from on the notebook, "System Requirements Lab", and the videos no longer stutter.
Re: Please check my log...
OTL logfile created on: 9.1.2014 21:27:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Adam\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,68% Memory free
3,84 Gb Paging File | 3,52 Gb Available in Paging File | 91,81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 13,80 Gb Free Space | 37,06% Space Free | Partition Type: NTFS
Computer Name: STANDA | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Adam\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\14010900\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (wxpSvc) -- C:\Program Files\webcamXP 5\wService.exe (Moonware Studios)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (TrueSight) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (IDMTDI) -- C:\WINDOWS\system32\drivers\idmtdi.sys (Tonec Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.67
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.12.29 00:19:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2014.01.05 03:08:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Adam\Data aplikací\IDM\idmmzcc5 [2013.12.27 07:25:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Adam\Data aplikací\IDM\idmmzcc5 [2013.12.27 07:25:26 | 000,000,000 | ---D | M]
[2013.12.13 16:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Extensions
[2014.01.07 11:07:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions
[2013.12.13 17:07:04 | 000,343,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions\artur.dubovoy@gmail.com.xpi
[2014.01.07 11:07:18 | 000,026,070 | ---- | M] () (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions\downloadpaneltweaks@dagger2-addons.mozilla.org.xpi
[2013.12.13 22:42:31 | 000,060,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions\translator@zoli.bod.xpi
[2013.12.13 16:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.13 16:51:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADAM\DATA APLIKACĂ\IDM\IDMMZCC5
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADAM\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\8R0CA3Z4.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
O1 HOSTS File: ([2014.01.08 19:49:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DE5DE4A-CE19-41FF-9E8B-0B83FD5F8894}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Adam\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adam\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.02 18:48:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014.01.09 21:24:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Adam\Plocha\OTL.exe
[2014.01.09 20:43:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Adam\Recent
[2014.01.09 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2014.01.09 20:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.01.09 15:05:26 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.01.09 01:10:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.01.08 09:23:03 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2014.01.06 16:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2014.01.06 16:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
[2014.01.04 12:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014.01.04 12:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CPUID
[2014.01.04 09:24:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2014.01.04 09:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014.01.04 09:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014.01.04 09:22:56 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2014.01.04 09:22:56 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2014.01.04 09:22:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2014.01.04 09:22:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2014.01.04 09:22:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2014.01.04 09:22:55 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2014.01.04 09:22:54 | 000,000,000 | ---D | C] -- C:\3d10d4f1585596fe347a17942648
[2014.01.04 01:28:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014.01.04 00:41:09 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.01.04 00:03:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.01.03 22:57:51 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2014.01.03 22:57:50 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2014.01.03 22:57:50 | 000,058,112 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2014.01.03 22:57:49 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2014.01.03 22:57:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2014.01.03 22:57:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2014.01.03 22:57:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2014.01.03 22:57:47 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2014.01.03 22:57:47 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2014.01.03 22:57:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2014.01.03 22:57:46 | 000,021,376 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2014.01.03 22:57:45 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2014.01.03 22:57:45 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2014.01.03 22:57:44 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys.bak
[2014.01.03 22:57:44 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2014.01.03 22:57:43 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.bak
[2014.01.03 22:57:43 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2014.01.03 22:57:43 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2014.01.03 22:57:41 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2014.01.03 22:57:41 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys.bak
[2014.01.03 22:57:40 | 006,143,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys.bak
[2014.01.03 22:57:39 | 000,445,696 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt73.sys.bak
[2014.01.03 22:57:39 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys.bak
[2014.01.03 22:57:39 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2014.01.03 22:57:39 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2014.01.03 22:57:38 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2014.01.03 22:57:37 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2014.01.03 22:57:35 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2014.01.03 22:57:34 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2014.01.03 22:57:33 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2014.01.03 22:57:32 | 000,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.bak
[2014.01.03 22:57:32 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2014.01.03 22:57:32 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2014.01.03 22:57:31 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys.bak
[2014.01.03 22:57:31 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2014.01.03 22:57:25 | 000,092,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys.bak
[2014.01.03 22:57:24 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys.bak
[2014.01.03 22:57:24 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2014.01.03 22:57:23 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2014.01.03 22:57:23 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys.bak
[2014.01.03 22:57:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2014.01.03 22:57:18 | 000,121,184 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\drivers\idmtdi.sys.bak
[2014.01.03 22:57:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2014.01.03 22:57:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2014.01.03 22:57:15 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2014.01.03 22:57:14 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2014.01.03 22:57:13 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2014.01.03 22:57:13 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2014.01.03 22:57:13 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2014.01.03 22:57:11 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2014.01.03 22:57:10 | 000,011,776 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2014.01.03 22:57:09 | 000,262,528 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2014.01.03 22:57:09 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2014.01.03 22:57:05 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys.bak
[2014.01.03 22:57:04 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2014.01.03 22:57:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2014.01.03 22:57:04 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2014.01.03 22:57:00 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys.bak
[2014.01.03 22:57:00 | 000,041,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys.bak
[2014.01.03 22:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\RK_Quarantine
[2014.01.03 21:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\Spring Breakers [2013-OST] iTunes
[2014.01.03 19:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\tdsskiller
[2014.01.03 19:23:04 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Adam\Plocha\aswmbr.exe
[2014.01.03 01:20:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.01.02 23:13:04 | 001,036,305 | ---- | C] (Thisisu) -- C:\Documents and Settings\Adam\Plocha\JRT.exe
[2014.01.02 21:09:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.02 19:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Malwarebytes
[2014.01.02 19:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.01.02 19:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.01.02 19:02:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.01.02 19:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.01.02 18:34:39 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2014.01.02 18:25:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2014.01.02 18:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014.01.01 23:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014.01.01 23:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014.01.01 23:03:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Nabídka Start\Programy\HiJackThis
[2014.01.01 23:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2014.01.01 22:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2014.01.01 15:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Package Cache
[2014.01.01 10:31:21 | 000,000,000 | ---D | C] -- C:\KMPlayer
[2014.01.01 01:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\RealNetworks
[2014.01.01 01:13:17 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013.12.31 23:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2013.12.31 22:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Nabídka Start\Programy\The KMPlayer
[2013.12.31 22:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2013.12.31 22:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Real
[2013.12.30 22:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\webcamXP 5
[2013.12.30 22:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\webcamXP 5
[2013.12.30 22:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\webcamXP 5
[2013.12.30 21:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2013.12.30 17:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Zoner
[2013.12.30 17:01:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\Zoner
[2013.12.28 17:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\Temp
[2013.12.28 17:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook
[2013.12.28 12:30:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013.12.27 07:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IDM
[2013.12.27 07:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\IDM
[2013.12.27 07:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\DMCache
[2013.12.27 07:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Internet Download Manager
[2013.12.27 07:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Nabídka Start\Programy\Internet Download Manager
[2013.12.27 07:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2013.12.24 09:07:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Dokumenty\SuperTintin Records for Skype
[2013.12.24 09:06:42 | 000,204,800 | ---- | C] (GDCL (www.gdcl.co.uk)) -- C:\WINDOWS\System32\mp4demux.dll
[2013.12.24 09:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SuperTintin for Skype
[2013.12.24 09:06:41 | 000,629,760 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXDecH264.ax
[2013.12.24 09:06:41 | 000,622,592 | ---- | C] (MONOGRAM Multimedia s.r.o.) -- C:\WINDOWS\System32\mmaacd.ax
[2013.12.24 09:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\SuperTintin for Skype
[2013.12.23 18:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Marine Aquarium 3
[2013.12.23 18:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SereneScreen
[2013.12.23 18:17:12 | 006,565,888 | ---- | C] (SereneScreen) -- C:\WINDOWS\System32\MarineAquarium3.scr
[2013.12.23 18:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\SereneScreen
[2013.12.18 20:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Dokumenty\porna
[2013.12.16 17:56:30 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2013.12.16 17:56:25 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013.12.16 17:56:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013.12.16 17:56:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013.12.16 17:56:22 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013.12.16 17:56:19 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013.12.16 17:56:16 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013.12.16 17:56:13 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013.12.16 17:56:10 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013.12.16 17:56:00 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013.12.16 17:55:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013.12.16 17:55:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2013.12.16 17:55:52 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2013.12.16 17:55:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013.12.16 17:55:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013.12.16 17:55:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013.12.16 17:55:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013.12.16 17:55:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2013.12.16 17:55:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2013.12.16 17:55:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013.12.16 17:55:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013.12.16 17:55:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013.12.16 17:55:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013.12.16 14:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Maxthon3
[2013.12.16 13:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Ashampoo
[2013.12.16 13:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\ashampoo
[2013.12.16 13:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2013.12.14 04:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\ElevatedDiagnostics
[2013.12.14 04:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows PowerShell 1.0
[2013.12.14 04:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013.12.14 04:38:16 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013.12.14 04:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013.12.14 02:01:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013.12.14 00:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\WMTools Downloaded Files
[2013.12.14 00:45:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Adam\Dokumenty\Filmy
[2013.12.13 16:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Mozilla
[2013.12.13 16:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.12.13 16:46:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Adam\IECompatCache
[2013.12.11 22:52:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\videa adrian
========== Files - Modified Within 30 Days ==========
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Adam\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 76,68% Memory free
3,84 Gb Paging File | 3,52 Gb Available in Paging File | 91,81% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,25 Gb Total Space | 13,80 Gb Free Space | 37,06% Space Free | Partition Type: NTFS
Computer Name: STANDA | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Documents and Settings\Adam\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\defs\14010900\algo.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (wxpSvc) -- C:\Program Files\webcamXP 5\wService.exe (Moonware Studios)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (TrueSight) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (IDMTDI) -- C:\WINDOWS\system32\drivers\idmtdi.sys (Tonec Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (rtl8139) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: translator%40zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.67
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.12.29 00:19:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2014.01.05 03:08:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Adam\Data aplikací\IDM\idmmzcc5 [2013.12.27 07:25:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\Adam\Data aplikací\IDM\idmmzcc5 [2013.12.27 07:25:26 | 000,000,000 | ---D | M]
[2013.12.13 16:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Extensions
[2014.01.07 11:07:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions
[2013.12.13 17:07:04 | 000,343,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions\artur.dubovoy@gmail.com.xpi
[2014.01.07 11:07:18 | 000,026,070 | ---- | M] () (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions\downloadpaneltweaks@dagger2-addons.mozilla.org.xpi
[2013.12.13 22:42:31 | 000,060,290 | ---- | M] () (No name found) -- C:\Documents and Settings\Adam\Data aplikací\Mozilla\Firefox\Profiles\8r0ca3z4.default\extensions\translator@zoli.bod.xpi
[2013.12.13 16:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.13 16:51:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADAM\DATA APLIKACĂ\IDM\IDMMZCC5
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADAM\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\8R0CA3Z4.DEFAULT\EXTENSIONS\TRANSLATOR@ZOLI.BOD.XPI
O1 HOSTS File: ([2014.01.08 19:49:33 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DE5DE4A-CE19-41FF-9E8B-0B83FD5F8894}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Adam\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Adam\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.04.02 18:48:23 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2014.01.09 21:24:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Adam\Plocha\OTL.exe
[2014.01.09 20:43:21 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Adam\Recent
[2014.01.09 20:41:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
[2014.01.09 20:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.01.09 15:05:26 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2014.01.09 01:10:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2014.01.08 09:23:03 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2014.01.06 16:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2014.01.06 16:33:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
[2014.01.04 12:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014.01.04 12:27:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\CPUID
[2014.01.04 09:24:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2014.01.04 09:23:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014.01.04 09:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014.01.04 09:22:56 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2014.01.04 09:22:56 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2014.01.04 09:22:56 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2014.01.04 09:22:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2014.01.04 09:22:55 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2014.01.04 09:22:55 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2014.01.04 09:22:54 | 000,000,000 | ---D | C] -- C:\3d10d4f1585596fe347a17942648
[2014.01.04 01:28:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014.01.04 00:41:09 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2014.01.04 00:03:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2014.01.03 22:57:51 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2014.01.03 22:57:50 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2014.01.03 22:57:50 | 000,058,112 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2014.01.03 22:57:49 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2014.01.03 22:57:48 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2014.01.03 22:57:47 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2014.01.03 22:57:47 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2014.01.03 22:57:47 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2014.01.03 22:57:47 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2014.01.03 22:57:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2014.01.03 22:57:46 | 000,021,376 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2014.01.03 22:57:45 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2014.01.03 22:57:45 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2014.01.03 22:57:44 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys.bak
[2014.01.03 22:57:44 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2014.01.03 22:57:43 | 000,466,008 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.bak
[2014.01.03 22:57:43 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2014.01.03 22:57:43 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2014.01.03 22:57:41 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2014.01.03 22:57:41 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\RTL8139.sys.bak
[2014.01.03 22:57:40 | 006,143,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys.bak
[2014.01.03 22:57:39 | 000,445,696 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt73.sys.bak
[2014.01.03 22:57:39 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys.bak
[2014.01.03 22:57:39 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2014.01.03 22:57:39 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2014.01.03 22:57:38 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2014.01.03 22:57:37 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2014.01.03 22:57:35 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2014.01.03 22:57:34 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2014.01.03 22:57:33 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2014.01.03 22:57:32 | 000,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.bak
[2014.01.03 22:57:32 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2014.01.03 22:57:32 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2014.01.03 22:57:31 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys.bak
[2014.01.03 22:57:31 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2014.01.03 22:57:25 | 000,092,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys.bak
[2014.01.03 22:57:24 | 001,395,800 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\Monfilt.sys.bak
[2014.01.03 22:57:24 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2014.01.03 22:57:23 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2014.01.03 22:57:23 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys.bak
[2014.01.03 22:57:23 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2014.01.03 22:57:18 | 000,121,184 | ---- | C] (Tonec Inc.) -- C:\WINDOWS\System32\drivers\idmtdi.sys.bak
[2014.01.03 22:57:16 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2014.01.03 22:57:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2014.01.03 22:57:15 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2014.01.03 22:57:14 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2014.01.03 22:57:13 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2014.01.03 22:57:13 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2014.01.03 22:57:13 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2014.01.03 22:57:11 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2014.01.03 22:57:10 | 000,011,776 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2014.01.03 22:57:09 | 000,262,528 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2014.01.03 22:57:09 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2014.01.03 22:57:05 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys.bak
[2014.01.03 22:57:04 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2014.01.03 22:57:04 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2014.01.03 22:57:04 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2014.01.03 22:57:00 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys.bak
[2014.01.03 22:57:00 | 000,041,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys.bak
[2014.01.03 22:55:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\RK_Quarantine
[2014.01.03 21:23:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\Spring Breakers [2013-OST] iTunes
[2014.01.03 19:25:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\tdsskiller
[2014.01.03 19:23:04 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Adam\Plocha\aswmbr.exe
[2014.01.03 01:20:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.01.02 23:13:04 | 001,036,305 | ---- | C] (Thisisu) -- C:\Documents and Settings\Adam\Plocha\JRT.exe
[2014.01.02 21:09:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.02 19:03:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Malwarebytes
[2014.01.02 19:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.01.02 19:02:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.01.02 19:02:55 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.01.02 19:02:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.01.02 18:34:39 | 000,046,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irbus.sys
[2014.01.02 18:25:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2014.01.02 18:25:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014.01.01 23:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014.01.01 23:18:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014.01.01 23:03:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Nabídka Start\Programy\HiJackThis
[2014.01.01 23:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2014.01.01 22:50:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
[2014.01.01 15:17:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Package Cache
[2014.01.01 10:31:21 | 000,000,000 | ---D | C] -- C:\KMPlayer
[2014.01.01 01:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\RealNetworks
[2014.01.01 01:13:17 | 000,000,000 | ---D | C] -- C:\FFOutput
[2013.12.31 23:17:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2013.12.31 22:06:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Nabídka Start\Programy\The KMPlayer
[2013.12.31 22:05:59 | 000,000,000 | ---D | C] -- C:\Program Files\The KMPlayer
[2013.12.31 22:04:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Real
[2013.12.30 22:14:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\webcamXP 5
[2013.12.30 22:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\webcamXP 5
[2013.12.30 22:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\webcamXP 5
[2013.12.30 21:46:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2013.12.30 17:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Zoner
[2013.12.30 17:01:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\Zoner
[2013.12.28 17:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\Temp
[2013.12.28 17:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\Facebook
[2013.12.28 12:30:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013.12.27 07:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\IDM
[2013.12.27 07:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\IDM
[2013.12.27 07:23:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\DMCache
[2013.12.27 07:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Internet Download Manager
[2013.12.27 07:23:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Nabídka Start\Programy\Internet Download Manager
[2013.12.27 07:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Download Manager
[2013.12.24 09:07:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Dokumenty\SuperTintin Records for Skype
[2013.12.24 09:06:42 | 000,204,800 | ---- | C] (GDCL (www.gdcl.co.uk)) -- C:\WINDOWS\System32\mp4demux.dll
[2013.12.24 09:06:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SuperTintin for Skype
[2013.12.24 09:06:41 | 000,629,760 | ---- | C] (DivX, Inc.) -- C:\WINDOWS\System32\DivXDecH264.ax
[2013.12.24 09:06:41 | 000,622,592 | ---- | C] (MONOGRAM Multimedia s.r.o.) -- C:\WINDOWS\System32\mmaacd.ax
[2013.12.24 09:06:39 | 000,000,000 | ---D | C] -- C:\Program Files\SuperTintin for Skype
[2013.12.23 18:17:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Marine Aquarium 3
[2013.12.23 18:17:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\SereneScreen
[2013.12.23 18:17:12 | 006,565,888 | ---- | C] (SereneScreen) -- C:\WINDOWS\System32\MarineAquarium3.scr
[2013.12.23 18:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\SereneScreen
[2013.12.18 20:15:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Dokumenty\porna
[2013.12.16 17:56:30 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2013.12.16 17:56:25 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013.12.16 17:56:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013.12.16 17:56:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013.12.16 17:56:22 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013.12.16 17:56:19 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013.12.16 17:56:16 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013.12.16 17:56:13 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013.12.16 17:56:10 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013.12.16 17:56:00 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013.12.16 17:55:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013.12.16 17:55:53 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2013.12.16 17:55:52 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2013.12.16 17:55:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013.12.16 17:55:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013.12.16 17:55:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013.12.16 17:55:52 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013.12.16 17:55:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2013.12.16 17:55:52 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2013.12.16 17:55:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013.12.16 17:55:51 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013.12.16 17:55:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013.12.16 17:55:51 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013.12.16 14:46:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Maxthon3
[2013.12.16 13:26:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Ashampoo
[2013.12.16 13:26:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\ashampoo
[2013.12.16 13:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Ashampoo
[2013.12.14 04:42:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\ElevatedDiagnostics
[2013.12.14 04:41:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Windows PowerShell 1.0
[2013.12.14 04:40:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windowspowershell
[2013.12.14 04:38:16 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2013.12.14 04:37:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2013.12.14 02:01:55 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2013.12.14 00:46:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Local Settings\Data aplikací\WMTools Downloaded Files
[2013.12.14 00:45:14 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Adam\Dokumenty\Filmy
[2013.12.13 16:51:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Data aplikací\Mozilla
[2013.12.13 16:51:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.12.13 16:46:32 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Adam\IECompatCache
[2013.12.11 22:52:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Adam\Plocha\videa adrian
========== Files - Modified Within 30 Days ==========