pomaly PC, otevira se slozka pri startu PC,..

Zpráva

aqus · #1 Příspěvek od **aqus** » 22 led 2013 18:55

dobry den, prosim o kontrolu logu, pri startu PC (az na plose) vyskakuje okno exploreru "C:\Program Files\Common"
navic nejede iExplorer (pouzivam jine prohlizece, ale kdyz nekdy nutne potrebuju neco a jinde to nejde, tak ..chapete:-) ), celkove je PC pomalejsi, diky za kontrolu.

log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by VANEK at 2013-01-22 18:50:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 159 GB (58%) free of 275 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:50:15, on 22.1.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\program files\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\VANEK\Plocha\RSIT.exe
C:\Program Files\trend micro\VANEK.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 11453 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
C:\WINDOWS\tasks\ROC_JAN2013_TB_rmv.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\VANEK\Data aplikací\Mozilla\Firefox\Profiles\76od3sn5.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429, avg@igeared:6.103.018.001, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, bkmrksync@nokia.com:1.0.0.736, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.262 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files\Netscape6\nprpplugin.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nppl3260.dll
nppl3260.xpt
nprjplug.dll
nprpplugin.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\VANEK\Data aplikací\Mozilla\Firefox\Profiles\76od3sn5.default\extensions\
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-05-31 425680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-14 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-14 157672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-17 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [2009-08-27 614400]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"TkBellExe"=C:\program files\update\realsched.exe [2012-05-31 296056]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_3_300_262_Plugin.exe [2012-06-26 686280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-09-18 171464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess]
C:\Program Files\Nokia\PC Internet Access\NPCIA.exe [2008-08-05 536576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-12-21 1483264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2009-07-29 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_JAN2013_TB]
C:\Program Files\AVG Secure Search\ROC_JAN2013_TB.exe [2013-01-15 1177168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
C:\Program Files\extras\ViOrb\ViOrb.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2009-06-06 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [1999-02-18 65588]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe"="C:\Program Files\Activision Value\Soldier of Fortune Payback\sof3.exe:*:Enabled:sof3"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"E:\petr\skola\DBB\Uniform Server3_5\Uniform Server3_5\udrive\usr\local\apache2\bin\Apache.exe"="E:\petr\skola\DBB\Uniform Server3_5\Uniform Server3_5\udrive\usr\local\apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"E:\petr\skola\DBB\Uniform Server3_5\Uniform Server3_5\udrive\usr\local\mysql\bin\mysqld-opt.exe"="E:\petr\skola\DBB\Uniform Server3_5\Uniform Server3_5\udrive\usr\local\mysql\bin\mysqld-opt.exe:*:Enabled:mysqld-opt"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=vdrcodec.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.MJPG"=Pvmjpg21.dll
"VIDC.PIM1"=pclepim1.dll

======List of files/folders created in the last 1 month======

2013-01-22 15:57:31 ----RD---- C:\Program Files\Skype
2013-01-22 15:57:31 ----D---- C:\Program Files\Common Files\Skype
2013-01-09 18:55:23 ----A---- C:\WINDOWS\IE4 Error Log.txt

======List of files/folders modified in the last 1 month======

2013-01-22 18:50:07 ----D---- C:\Program Files\trend micro
2013-01-22 18:49:23 ----D---- C:\Documents and Settings\VANEK\Data aplikací\Skype
2013-01-22 18:48:44 ----D---- C:\WINDOWS\Temp
2013-01-22 18:48:24 ----SD---- C:\WINDOWS\Tasks
2013-01-22 18:48:17 ----D---- C:\WINDOWS\Registration
2013-01-22 18:48:02 ----D---- C:\WINDOWS
2013-01-22 18:47:46 ----RD---- C:\Program Files
2013-01-22 18:47:46 ----D---- C:\WINDOWS\system32
2013-01-22 18:47:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-01-22 18:47:03 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-22 18:45:50 ----A---- C:\WINDOWS\NeroDigital.ini
2013-01-22 18:45:08 ----A---- C:\WINDOWS\wincmd.ini
2013-01-22 18:44:50 ----D---- C:\Program Files\UltraISO
2013-01-22 18:44:29 ----D---- C:\Program Files\Pinnacle
2013-01-22 18:41:07 ----SHD---- C:\WINDOWS\Installer
2013-01-22 18:41:04 ----D---- C:\Program Files\AVG Secure Search
2013-01-22 18:41:04 ----D---- C:\Config.Msi
2013-01-22 18:41:02 ----D---- C:\WINDOWS\system32\drivers
2013-01-22 18:40:59 ----D---- C:\Program Files\Common Files
2013-01-22 18:29:30 ----D---- C:\Program Files\vdownloader
2013-01-22 18:27:03 ----RASH---- C:\boot.ini
2013-01-22 18:27:03 ----A---- C:\WINDOWS\win.ini
2013-01-22 18:27:03 ----A---- C:\WINDOWS\system.ini
2013-01-22 17:43:15 ----HD---- C:\Program Files\InstallShield Installation Information
2013-01-22 17:41:26 ----D---- C:\WINDOWS\system32\QuickTime
2013-01-22 16:49:57 ----D---- C:\Program Files\SlySoft
2013-01-22 16:38:49 ----A---- C:\WINDOWS\wcx_ftp.ini
2013-01-22 16:35:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-01-22 16:34:17 ----D---- C:\TEMP
2013-01-22 16:10:19 ----D---- C:\Program Files\Mozilla Firefox
2013-01-22 15:57:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-01-22 15:44:05 ----D---- C:\WINDOWS\Prefetch
2013-01-15 14:09:08 ----D---- C:\WINDOWS\system32\cache
2013-01-08 19:12:24 ----D---- C:\Program Files\IKEA HomePlanner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2012-09-12 721904]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-26 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-26 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-26 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-26 4992]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-12-26 60800]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-26 10112]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-12-26 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 a19lbru4;a19lbru4; C:\WINDOWS\system32\drivers\a19lbru4.sys []
S3 a75z1jek;a75z1jek; C:\WINDOWS\system32\drivers\a75z1jek.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\VANEK\LOCALS~1\Temp\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-06-17 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-12-26 58880]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-10-14 161768]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-06 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-13 129976]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 23 led 2013 10:30

Zdravim

Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe

Ulozte nejlepe na Plochu
U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)
Kliknete na Scan
Po dokonceni skenu se objevi log FSS.txt ten sem vlozte

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) http://forum.viry.cz/viewtopic.php?f=29&t=115222

Provedte aktualizaci
Provedte uplny sken - nic nemazte
MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

aqus · #3 Příspěvek od **aqus** » 23 led 2013 13:20

zdarec ...vkladam log z FSS, MBAM kontroluje, poslu az to dokonci

Farbar Service Scanner Version: 16-01-2013
Ran by VANEK (administrator) on 23-01-2013 at 13:13:38
Running from "C:\Documents and Settings\VANEK\Plocha"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2008-04-14 07:51] - [2008-04-14 07:51] - 0125952 ____A (Microsoft Corporation) 8C9A53E285AC5E6704844D0459EC85BE

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2008-04-14 07:51] - [2009-04-20 18:09] - 0045568 ____A (Microsoft Corporation) ADB285644A95431CCEDC7C706090936D

C:\WINDOWS\system32\ipnathlp.dll
[2008-12-14 15:44] - [2008-12-14 15:44] - 0329728 ____A (Microsoft Corporation) 19C016C79DB4D1A840B9D5A20D7ECA54

C:\WINDOWS\system32\netman.dll
[2008-04-14 07:51] - [2008-04-14 07:51] - 0198144 ____A (Microsoft Corporation) 72E1E9E2977BE08BDEEDB6D8FD9D4D40

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2009-05-30 15:14] - [2008-04-14 07:52] - 0144896 ____A (Microsoft Corporation) E488332126E3B1182D2B8A0C35408EC6

C:\WINDOWS\system32\srsvc.dll
[2009-05-30 15:18] - [2008-04-14 07:52] - 0171008 ____A (Microsoft Corporation) 35B91147124F64AC8081A2EDB9EA4DEE

C:\WINDOWS\system32\Drivers\sr.sys
[2009-05-30 15:18] - [2008-04-14 07:11] - 0073344 ____A (Microsoft Corporation) 94610C8653635E4459316A0050D55CE7

C:\WINDOWS\system32\wscsvc.dll
[2008-04-14 07:52] - [2008-04-14 07:52] - 0080896 ____A (Microsoft Corporation) 4C86D5FAF78194995AF9CC1075F65DD3

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2009-05-30 15:14] - [2008-04-14 07:52] - 0144896 ____A (Microsoft Corporation) E488332126E3B1182D2B8A0C35408EC6

C:\WINDOWS\system32\wuauserv.dll
[2009-05-30 15:19] - [2008-04-14 07:52] - 0006656 ____A (Microsoft Corporation) C1364564800EE9784192145324A23308

C:\WINDOWS\system32\qmgr.dll
[2009-05-30 15:19] - [2008-04-14 07:51] - 0409088 ____A (Microsoft Corporation) 19395D092FD85DDC2D9C7729CF5A2AC8

C:\WINDOWS\system32\es.dll
[2008-12-14 15:44] - [2008-12-14 15:44] - 0253952 ____A (Microsoft Corporation) BE68EA4457E2E5717231CF91BE5448E0

C:\WINDOWS\system32\cryptsvc.dll
[2008-04-14 07:51] - [2008-04-14 07:51] - 0062464 ____A (Microsoft Corporation) F3AB0933CBD166D271992F411C27CCAF

C:\WINDOWS\system32\svchost.exe
[2008-04-14 07:52] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) BE4A520E29B6391F49E79CCC52044D93

C:\WINDOWS\system32\rpcss.dll
[2008-04-14 07:51] - [2009-02-09 11:59] - 0401408 ____A (Microsoft Corporation) C0BD34A62508BA68F146E22CE45919F9

C:\WINDOWS\system32\services.exe
[2008-04-14 07:52] - [2009-02-09 12:18] - 0111104 ____A (Microsoft Corporation) 3D107D45CCFDB266E91D84B52CD7F430

Extra List:
=======
aswTdi(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

#4 Příspěvek od **vyosek** » 23 led 2013 13:21

Zdravim,

FSS vypada OK, pockam si na MBAM

aqus · #5 Příspěvek od **aqus** » 23 led 2013 14:55

predchvili to skoncilo, tady je log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.23.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
VANEK :: PETR [administrátor]

23.1.2013 13:18:15
MBAM-log-2013-01-23 (14-54-09).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 353812
Uplynulý čas: 1 hodin, 19 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Program Files\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> Nebyla provedena žádná instrukce.
C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe (Malware.Gen) -> Nebyla provedena žádná instrukce.
D:\System Volume Information\_restore{B0EC8E93-FCF0-431D-BDD9-267F1837625D}\RP857\A0145654.exe (Riskware.Tool.CK) -> Nebyla provedena žádná instrukce.

(konec)

#6 Příspěvek od **vyosek** » 23 led 2013 17:12

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

aqus · #7 Příspěvek od **aqus** » 23 led 2013 17:30

https://www.virustotal.com/file/042e290 ... 358958572/

#8 Příspěvek od **vyosek** » 23 led 2013 20:42

Havet se usadila v bodech obnoveni - smazte je dle navodu kolegy riffa http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

aqus · #9 Příspěvek od **aqus** » 24 led 2013 12:45

zdarec ..vkladam log z combofix:

ComboFix 13-01-23.01 - VANEK 24.01.2013 12:33:59.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1331 [GMT 1:00]
Spuštěný z: c:\documents and settings\VANEK\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\system32\3gpvideoconvertera.dat
c:\windows\system32\3gpvideoconverterb.dat
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\465079da1c8ea19a.fb
c:\windows\system32\Cache\4c7a949a5446538b.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5e56c6bed32c0d69.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\bc64cb2b7879535d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\ebf8414668a91ee3.fb
c:\windows\system32\Cache\f41a294262c573fc.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-24 do 2013-01-24 )))))))))))))))))))))))))))))))
.
.
2013-01-23 12:14 . 2013-01-23 12:15 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-23 12:14 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-22 17:58 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-22 14:57 . 2013-01-22 14:57 -------- d-----w- c:\program files\Common Files\Skype
2013-01-22 14:57 . 2013-01-22 14:57 -------- d-----r- c:\program files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-30 22:51 . 2012-12-13 15:18 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-12-13 15:17 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2012-12-13 15:17 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-12-13 15:17 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-12-13 15:17 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2012-12-13 15:17 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2012-12-13 15:18 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-12-13 15:17 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2012-12-13 15:17 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-12-13 15:17 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-05-31 15:30 . 2012-05-31 15:30 16896 ----a-w- c:\program files\wmdmhelper.dll
2012-05-31 15:30 . 2012-05-31 15:30 656896 ----a-w- c:\program files\rjbres.dll
2012-05-31 15:30 . 2012-05-31 15:30 45056 ----a-w- c:\program files\ierjplug.dll
2012-05-31 15:30 . 2012-05-31 15:30 361984 ----a-w- c:\program files\rjdlg.dll
2012-05-31 15:30 . 2012-05-31 15:30 34304 ----a-w- c:\program files\rjprog.dll
2012-05-31 15:30 . 2012-05-31 15:30 139264 ----a-w- c:\program files\dunzip32.dll
2012-05-31 15:30 . 2012-05-31 15:30 9728 ----a-w- c:\program files\fixrjb.exe
2012-05-31 15:30 . 2012-05-31 15:30 1115376 ----a-w- c:\program files\cddbmusicid.dll
2012-05-31 15:30 . 2012-05-31 15:30 943344 ----a-w- c:\program files\cddblink.dll
2012-05-31 15:30 . 2012-05-31 15:30 74240 ----a-w- c:\program files\tsasdk.dll
2012-05-31 15:30 . 2012-05-31 15:30 48640 ----a-w- c:\program files\tpasdk.dll
2012-05-31 15:30 . 2012-05-31 15:30 45056 ----a-w- c:\program files\mmcdda32.dll
2012-05-31 15:30 . 2012-05-31 15:30 23552 ----a-w- c:\program files\tnetdtct.dll
2012-05-31 15:30 . 2012-05-31 15:30 2041072 ----a-w- c:\program files\cddbcontrol.dll
2012-05-31 15:30 . 2012-05-31 15:30 67584 ----a-w- c:\program files\rpwa3260.dll
2012-05-31 15:30 . 2012-05-31 15:30 16296 ----a-w- c:\program files\realtfon.fon
2012-05-31 15:30 . 2012-05-31 15:30 45728 ----a-w- c:\program files\rpshellsearch.dll
2012-05-31 15:30 . 2012-05-31 15:30 375416 ----a-w- c:\program files\realconverter.exe
2012-05-31 15:30 . 2012-05-31 15:30 349304 ----a-w- c:\program files\convert.exe
2012-05-31 15:30 . 2012-05-31 15:30 390384 ----a-w- c:\program files\mc_enc_mp4v.dll
2012-05-31 15:30 . 2012-05-31 15:30 381040 ----a-w- c:\program files\realtrimmer.exe
2012-05-31 15:30 . 2012-05-31 15:30 129648 ----a-w- c:\program files\realshare.exe
2012-05-31 15:30 . 2012-05-31 15:30 719360 ----a-w- c:\program files\dbghelp.dll
2012-05-31 15:30 . 2012-05-31 15:30 72192 ----a-w- c:\program files\rjwmapln.dll
2012-05-31 15:30 . 2012-05-31 15:30 46592 ----a-w- c:\program files\rpau3260.dll
2012-05-31 15:29 . 2012-05-31 15:29 29824 ----a-w- c:\program files\rndevicedbbuilder.exe
2012-05-31 15:29 . 2012-05-31 15:29 88064 ----a-w- c:\program files\hxaudiodevicehook.dll
2012-05-31 15:29 . 2012-05-31 15:29 86528 ----a-w- c:\program files\rpplugprot.dll
2012-05-31 15:29 . 2012-05-31 15:29 64656 ----a-w- c:\program files\rpshell.dll
2012-05-31 15:29 . 2012-05-31 15:29 116888 ----a-w- c:\program files\rdsf3260.dll
2012-05-31 15:29 . 2012-05-31 15:29 18072 ----a-w- c:\program files\rphelperapp.exe
2012-05-31 15:29 . 2012-05-31 15:29 10240 ----a-w- c:\program files\realjbox.exe
2012-05-31 15:29 . 2012-05-31 15:29 499312 ----a-w- c:\program files\realplay.exe
2012-05-31 15:29 . 2012-05-31 15:29 439464 ----a-w- c:\program files\recordingmanager.exe
2012-08-13 17:53 . 2012-08-13 17:53 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-12-19 12:23 . A23DF7213FE43F712F27A74DBCA5222B . 1593856 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-12-19 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-12-19 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-12-19 . D39127310CBAD1485EC5001A4ED1D853 . 1486336 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-04-14 . C2DCB09A1EA98F248DD9A5DE195B3DF3 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
.
[-] 2008-12-19 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-12-26 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"nwiz"="nwiz.exe" [2008-09-17 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2009-08-27 614400]
"TkBellExe"="c:\program files\update\realsched.exe" [2012-05-31 296056]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-12-19 40960]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2004-12-14 00:12 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-04-24 03:21 203928 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxCmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-09-18 14:16 171464 ----a-w- c:\program files\DAEMON Tools\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2008-06-24 14:06 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 05:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-06-08 07:31 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-06-19 07:53 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-01-31 10:16 703360 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaPCInternetAccess]
2008-08-05 12:45 536576 ----a-w- c:\program files\Nokia\PC Internet Access\NPCIA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-12-21 09:53 1483264 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-07-29 15:18 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 15:54 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_JAN2013_TB]
2013-01-15 13:08 1177168 ------w- c:\program files\AVG Secure Search\ROC_JAN2013_TB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"AlwaysReady Power Message APP"=ARPWRMSG.EXE
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"PinnacleDriverCheck"=c:\windows\system32\PSDrvCheck.exe -CheckReg
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1.6.2009 12:38 721904]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.12.2012 16:17 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.12.2012 16:18 361032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.12.2012 16:18 21256]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [23.1.2013 13:14 21104]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [23.1.2013 13:14 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [26.1.2011 01:28 11520]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSCHEDULER
*NewlyCreated* - MBAMSERVICE
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-13 22:50]
.
2013-01-24 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
2013-01-24 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 16:21]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: SmarThru4 Capture Selection - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.100.100.1 10.100.100.6
FF - ProfilePath - c:\documents and settings\VANEK\Data aplikací\Mozilla\Firefox\Profiles\76od3sn5.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=42&tp=ab&q=
FF - ExtSQL: 2012-12-13 16:21; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2009-09-02 10:38; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-CloneCDTray - c:\program files\SlySoft\CloneCD\CloneCDTray.exe
MSConfigStartUp-ViOrb - c:\program files\extras\ViOrb\ViOrb.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-24 12:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1032)
c:\windows\system32\setupapi.dll
.
Celkový čas: 2013-01-24 12:42:39
ComboFix-quarantined-files.txt 2013-01-24 11:42
.
Před spuštěním: Volných bajtů: 175 269 146 624
Po spuštění: Volných bajtů: 175 561 551 872
.
- - End Of File - - A882A8853D7D90A917211B4236A1E829

aqus · #10 Příspěvek od **aqus** » 24 led 2013 12:46

jo a jeste v MBAM sem nic nemazal a vypnul sem ho kdyz sem vymazal body obnoveni - restart ...combofix ty problemy vyresi nebo mam dat pak znovu prohledat PC pomoci MBAM a smazat neco? dik

#11 Příspěvek od **vyosek** » 24 led 2013 21:57

V MBAMu nic nemazte

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

c:\windows\system32\winlogon.exe
c:\windows\regedit.exe
c:\windows\system32\user32.dll
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

aqus · #12 Příspěvek od **aqus** » 25 led 2013 15:06

c:\windows\system32\winlogon.exe

https://www.virustotal.com/file/cacdb2f ... 359122578/

-------------------------------------
c:\windows\regedit.exe

https://www.virustotal.com/file/bd5a051 ... 359122673/

-------------------------------------
c:\windows\system32\user32.dll

https://www.virustotal.com/file/e8ab1fe ... 359122755/

#13 Příspěvek od **vyosek** » 25 led 2013 23:30

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

aqus · #14 Příspěvek od **aqus** » 26 led 2013 15:20

zdravim, po dokonceni scan to vyhodilo tuhle hlasku (viz obrazek), ale logy jsou vytvorene tak je prikladam

aqus · #15 Příspěvek od **aqus** » 26 led 2013 15:20

OTL logfile created on: 26.1.2013 14:50:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\VANEK\Plocha
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 76,87% Memory free
3,85 Gb Paging File | 3,57 Gb Available in Paging File | 92,71% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 268,56 Gb Total Space | 163,43 Gb Free Space | 60,85% Space Free | Partition Type: NTFS
Drive D: | 97,65 Gb Total Space | 11,96 Gb Free Space | 12,25% Space Free | Partition Type: NTFS
Drive E: | 99,54 Gb Total Space | 30,40 Gb Free Space | 30,54% Space Free | Partition Type: NTFS

Computer Name: PETR | User Name: VANEK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.26 14:49:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VANEK\Plocha\OTL.exe
PRC - [2013.01.12 03:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.05.31 16:29:42 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- c:\Program Files\Update\realsched.exe
PRC - [2009.08.27 11:58:51 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2008.12.26 21:17:22 | 000,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2008.12.19 13:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

========== Modules (No Company Name) ==========

MOD - [2013.01.26 09:50:01 | 002,048,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13012600\algo.dll
MOD - [2009.08.27 11:58:51 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009.07.31 08:34:13 | 000,192,512 | R--- | M] () -- C:\WINDOWS\system32\SaXPWIA.dll
MOD - [2009.07.31 08:34:11 | 000,117,248 | R--- | M] () -- C:\WINDOWS\system32\SaXPIPH.dll
MOD - [2009.07.31 08:34:11 | 000,087,552 | R--- | M] () -- C:\WINDOWS\system32\SaXPSTI.dll
MOD - [2009.07.31 08:34:10 | 000,140,288 | R--- | M] () -- C:\WINDOWS\system32\SaXPEH.dll
MOD - [2008.12.26 21:17:22 | 000,050,176 | ---- | M] () -- C:\WINDOWS\armcex.dll
MOD - [2008.12.26 21:17:20 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2008.09.17 09:55:00 | 001,503,232 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2008.09.17 09:55:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.02.05 08:53:55 | 000,022,723 | ---- | M] () -- C:\WINDOWS\system32\sse1ml3.dll

========== Services (SafeList) ==========

SRV - [2013.01.12 03:27:33 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 18:53:06 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010.12.08 13:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.12.26 21:17:22 | 000,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2007.08.09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\VANEK\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ao7kh2k4)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a66xkljx)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.09.12 14:15:14 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010.07.30 13:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 13:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 13:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 13:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.06.17 12:01:44 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 20:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2009.02.04 13:20:10 | 000,038,400 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.17 15:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.01.04 03:10:16 | 000,105,856 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.06.19 04:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.05.05 15:51:00 | 000,004,608 | ---- | M] (NVIDIA Corporation.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvport.sys -- (nvport)
DRV - [2006.03.29 05:19:26 | 000,009,856 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2004.06.21 15:03:22 | 000,078,976 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002.03.19 10:29:16 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/sear ... earchTerms}

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searc ... 8&fr=b1ie7
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\..\SearchScopes\{600BD9BA-EAC1-4E4E-921C-BDDBFD19EBE1}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4cc83540 ... =&ychte=us
IE - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:4.0.4
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1474
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=42&tp=ab&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.05.03 08:56:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.03 09:24:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.05.31 16:30:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.12.13 16:17:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.13 18:53:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.09.12 10:31:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.03 09:24:25 | 000,000,000 | ---D | M]

[2009.11.23 13:55:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VANEK\Data aplikací\Mozilla\Extensions
[2012.11.30 00:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\VANEK\Data aplikací\Mozilla\Firefox\Profiles\76od3sn5.default\extensions
[2012.11.30 00:28:26 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\VANEK\Data aplikací\Mozilla\Firefox\Profiles\76od3sn5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.04.28 10:19:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\VANEK\Data aplikací\Mozilla\Firefox\Profiles\76od3sn5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.09.12 10:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.09.12 10:31:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\VANEK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\76OD3SN5.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
[2012.12.13 16:17:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.08.13 18:53:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.05.31 16:29:51 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012.08.13 18:53:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.13 18:53:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.13 18:53:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.13 18:53:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.13 18:53:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\VANEK\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.56\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\VANEK\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\VANEK\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Data aplikac\u00ED\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Data aplikac\u00ED\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\VANEK\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.4_0\
CHR - Extension: Disk Google = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Disk Google = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Gmail = C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.01.24 12:40:50 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKLM..\Run: [TkBellExe] c:\program files\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles (Guliwer Company)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O15 - HKU\S-1-5-21-1409082233-1547161642-682003330-1004\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.100.100.1 10.100.100.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B8EC333-9D2B-444B-B4C5-3257DE2C1732}: DhcpNameServer = 10.100.100.1 10.100.100.6
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\VANEK\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.30 15:21:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.I420 - C:\WINDOWS\System32\vdrcodec.dll (Pinnacle Systems)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\pvmjpg21.dll (Pegasus Imaging Corporation)
Drivers32: VIDC.PIM1 - C:\WINDOWS\System32\pclepim1.dll (Pinnacle Systems)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.26 14:49:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\VANEK\Plocha\OTL.exe
[2013.01.24 12:26:59 | 005,026,296 | R--- | C] (Swearware) -- C:\Documents and Settings\VANEK\Plocha\ComboFix.exe
[2013.01.23 13:15:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.01.23 13:14:58 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.01.23 13:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.23 13:12:55 | 010,156,424 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\VANEK\Plocha\mbam-setup.exe
[2013.01.23 13:12:00 | 000,350,915 | ---- | C] (Farbar) -- C:\Documents and Settings\VANEK\Plocha\FSS.exe
[2013.01.22 19:10:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VANEK\Nabídka Start\Programy\Google Chrome
[2013.01.22 18:58:10 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.01.22 18:58:10 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.01.22 18:58:10 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.01.22 18:17:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\VANEK\Plocha\mamka
[2013.01.22 15:57:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.01.22 15:57:31 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.01.22 15:57:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.05.31 16:30:42 | 000,016,896 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\wmdmhelper.dll
[2012.05.31 16:30:39 | 000,656,896 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjbres.dll
[2012.05.31 16:30:39 | 000,361,984 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjdlg.dll
[2012.05.31 16:30:39 | 000,139,264 | ---- | C] (Inner Media, Inc.) -- C:\Program Files\dunzip32.dll
[2012.05.31 16:30:39 | 000,045,056 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\ierjplug.dll
[2012.05.31 16:30:39 | 000,034,304 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjprog.dll
[2012.05.31 16:30:38 | 000,009,728 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\fixrjb.exe
[2012.05.31 16:30:37 | 001,115,376 | ---- | C] (Gracenote) -- C:\Program Files\cddbmusicid.dll
[2012.05.31 16:30:36 | 000,943,344 | ---- | C] (Gracenote) -- C:\Program Files\cddblink.dll
[2012.05.31 16:30:34 | 002,041,072 | ---- | C] (Gracenote, Inc.) -- C:\Program Files\cddbcontrol.dll
[2012.05.31 16:30:34 | 000,074,240 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tsasdk.dll
[2012.05.31 16:30:34 | 000,048,640 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tpasdk.dll
[2012.05.31 16:30:34 | 000,045,056 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\mmcdda32.dll
[2012.05.31 16:30:34 | 000,023,552 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\tnetdtct.dll
[2012.05.31 16:30:32 | 000,067,584 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpwa3260.dll
[2012.05.31 16:30:31 | 000,045,728 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshellsearch.dll
[2012.05.31 16:30:29 | 000,375,416 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realconverter.exe
[2012.05.31 16:30:29 | 000,349,304 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\convert.exe
[2012.05.31 16:30:23 | 000,390,384 | ---- | C] (MainConcept GmbH) -- C:\Program Files\mc_enc_mp4v.dll
[2012.05.31 16:30:19 | 000,381,040 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realtrimmer.exe
[2012.05.31 16:30:19 | 000,129,648 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realshare.exe
[2012.05.31 16:30:14 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dbghelp.dll
[2012.05.31 16:30:13 | 000,072,192 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rjwmapln.dll
[2012.05.31 16:30:07 | 000,046,592 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpau3260.dll
[2012.05.31 16:29:52 | 000,029,824 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rndevicedbbuilder.exe
[2012.05.31 16:29:51 | 000,088,064 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\hxaudiodevicehook.dll
[2012.05.31 16:29:50 | 000,116,888 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rdsf3260.dll
[2012.05.31 16:29:50 | 000,086,528 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpplugprot.dll
[2012.05.31 16:29:50 | 000,064,656 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rpshell.dll
[2012.05.31 16:29:46 | 000,018,072 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\rphelperapp.exe
[2012.05.31 16:29:46 | 000,010,240 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realjbox.exe
[2012.05.31 16:29:45 | 000,499,312 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\realplay.exe
[2012.05.31 16:29:42 | 000,439,464 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\recordingmanager.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.01.26 14:53:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.26 14:49:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\VANEK\Plocha\OTL.exe
[2013.01.25 16:17:01 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.25 15:01:50 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
[2013.01.25 15:01:43 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
[2013.01.25 15:01:22 | 000,201,044 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.01.25 15:01:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.25 15:01:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.25 15:01:10 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.24 12:40:50 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.01.24 12:27:16 | 005,026,296 | R--- | M] (Swearware) -- C:\Documents and Settings\VANEK\Plocha\ComboFix.exe
[2013.01.23 17:33:42 | 000,004,056 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.01.23 13:15:00 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.01.23 13:13:30 | 010,156,424 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\VANEK\Plocha\mbam-setup.exe
[2013.01.23 13:12:01 | 000,350,915 | ---- | M] (Farbar) -- C:\Documents and Settings\VANEK\Plocha\FSS.exe
[2013.01.22 19:10:21 | 000,002,263 | ---- | M] () -- C:\Documents and Settings\VANEK\Plocha\Google Chrome.lnk
[2013.01.22 18:57:36 | 000,445,044 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.22 18:57:36 | 000,442,570 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.01.22 18:57:36 | 000,084,636 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.01.22 18:57:36 | 000,072,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.22 18:49:56 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\VANEK\Plocha\RSIT.exe
[2013.01.22 18:45:50 | 000,000,155 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.01.22 18:27:03 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.01.22 16:45:27 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2013.01.22 16:38:49 | 000,000,403 | ---- | M] () -- C:\WINDOWS\wcx_ftp.ini
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.26 14:53:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.23 13:15:00 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.01.22 19:10:20 | 000,002,263 | ---- | C] () -- C:\Documents and Settings\VANEK\Plocha\Google Chrome.lnk
[2013.01.22 18:49:55 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\VANEK\Plocha\RSIT.exe
[2013.01.22 15:57:32 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2012.07.03 16:39:46 | 000,001,024 | ---- | C] () -- C:\Program Files\gncontent.cch
[2012.05.31 16:30:38 | 000,002,851 | ---- | C] () -- C:\Program Files\cdroms.cfg
[2012.05.31 16:30:32 | 000,119,808 | ---- | C] () -- C:\Program Files\waiting.avi
[2012.05.31 16:30:32 | 000,057,762 | ---- | C] () -- C:\Program Files\howto.chm
[2012.05.31 16:30:32 | 000,040,154 | ---- | C] () -- C:\Program Files\realplay.chm
[2012.05.31 16:30:32 | 000,027,278 | ---- | C] () -- C:\Program Files\frw.bmp
[2012.05.31 16:30:32 | 000,016,296 | ---- | C] () -- C:\Program Files\realtfon.fon
[2012.05.31 16:30:29 | 000,800,297 | ---- | C] () -- C:\Program Files\converter.vs
[2012.05.31 16:30:19 | 000,045,405 | ---- | C] () -- C:\Program Files\sharemedia.vs
[2012.05.31 16:30:18 | 000,001,209 | ---- | C] () -- C:\Program Files\flvplay.swf
[2012.05.31 16:30:07 | 000,028,013 | ---- | C] () -- C:\Program Files\RealNetworks License.html
[2012.05.31 16:30:06 | 000,028,013 | ---- | C] () -- C:\Program Files\playrlic.html
[2012.05.31 16:30:02 | 000,055,043 | ---- | C] () -- C:\Program Files\presets.rnx
[2012.05.31 16:30:02 | 000,000,480 | ---- | C] () -- C:\Program Files\keys.dat
[2012.05.31 16:29:59 | 000,937,248 | ---- | C] () -- C:\Program Files\normal.vs
[2012.05.31 16:29:59 | 000,061,495 | ---- | C] () -- C:\Program Files\ssimages.vs
[2012.05.31 16:29:49 | 000,001,030 | ---- | C] () -- C:\Program Files\autoplaylist.dat
[2012.05.31 16:29:49 | 000,000,050 | ---- | C] () -- C:\Program Files\strs23.dat
[2012.05.31 16:29:49 | 000,000,013 | ---- | C] () -- C:\Program Files\strs26.dat
[2012.05.31 16:29:45 | 000,427,405 | ---- | C] () -- C:\Program Files\calibrate.rv
[2012.05.31 16:29:45 | 000,017,846 | ---- | C] () -- C:\Program Files\videotest.rm
[2012.05.31 16:29:45 | 000,000,221 | ---- | C] () -- C:\Program Files\subscription.rnx
[2012.05.31 16:29:45 | 000,000,177 | ---- | C] () -- C:\Program Files\freeoffers.rnx
[2012.02.15 11:58:42 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.18 18:55:05 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.01.18 18:55:05 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.01.18 18:55:05 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.01.18 18:55:05 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.01.18 18:55:05 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.05.02 15:33:48 | 000,011,933 | ---- | C] () -- C:\Documents and Settings\VANEK\Data aplikací\SmarThruOptions.xml
[2011.05.02 15:33:18 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2011.05.02 15:33:11 | 000,000,124 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2011.05.02 15:33:08 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2011.05.02 15:32:15 | 000,482,408 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2011.05.02 15:31:32 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\sse1ml3.dll
[2011.05.02 15:30:12 | 000,113,768 | R--- | C] () -- C:\WINDOWS\WiaInst.exe
[2011.05.02 15:30:11 | 000,192,512 | R--- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2011.05.02 15:30:11 | 000,140,288 | R--- | C] () -- C:\WINDOWS\System32\SaXPEH.dll
[2011.05.02 15:30:11 | 000,138,240 | R--- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2011.05.02 15:30:11 | 000,117,248 | R--- | C] () -- C:\WINDOWS\System32\SaXPIPH.dll
[2011.05.02 15:30:11 | 000,087,552 | R--- | C] () -- C:\WINDOWS\System32\SaXPSTI.dll
[2009.10.18 13:07:43 | 000,000,075 | ---- | C] () -- C:\Documents and Settings\VANEK\Data aplikací\default.pls
[2009.07.20 17:08:29 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\VANEK\.rnd
[2009.06.10 22:36:52 | 000,197,120 | ---- | C] () -- C:\Documents and Settings\VANEK\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.05 05:46:34 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\VANEK\Local Settings\Data aplikací\fusioncache.dat

========== ZeroAccess Check ==========

[2009.05.30 15:22:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.12.19 13:26:30 | 001,870,336 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:59:24 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.12.13 16:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.11.28 17:47:38 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.05.03 08:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.05.03 09:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2009.08.24 23:54:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.29 16:44:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2009.06.01 12:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2009.07.03 16:40:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\VOWSoft
[2009.06.01 12:16:54 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2012.06.22 09:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Garmin
[2009.10.01 21:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\ICQ
[2011.01.16 12:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Image Zone Express
[2009.07.01 17:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\IrfanView
[2011.06.28 14:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Mikrotik
[2010.02.24 22:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Nokia
[2009.06.05 13:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Opera
[2012.09.16 10:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Oracle
[2009.08.24 23:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\PC Suite
[2009.08.01 11:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\QIP
[2011.05.02 15:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\SmarThru4
[2009.06.01 12:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\TuneUp Software
[2009.06.05 12:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.05.30 15:19:33 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.05.30 15:31:21 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.08.17 16:53:15 | 000,000,286 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
[2012.12.13 16:17:55 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.12.16 11:11:43 | 000,000,278 | ---- | C] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1547161642-682003330-1004.job

< >

< MD5 for: ATAPI.SYS >
[2008.12.26 22:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.12.26 22:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\Driver Cache\i386\cdrom.sys
[2008.05.02 11:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2008.05.02 10:49:39 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.12.19 13:43:58 | 001,486,336 | ---- | M] (Microsoft Corporation) MD5=D39127310CBAD1485EC5001A4ED1D853 -- C:\WINDOWS\explorer.exe

< MD5 for: HAL.DLL >
[2008.12.26 22:58:13 | 018,677,326 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\system32\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.12.14 15:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.12.14 15:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.12.14 15:44:16 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.12.19 13:29:10 | 000,557,056 | ---- | M] (Microsoft Corporation) MD5=12A799AD9415AE9C8ABCC5F75E9CF034 -- C:\WINDOWS\system32\winlogon.exe
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[10 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.06.06 10:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Adobe
[2009.06.07 08:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\AdobeUM
[2009.06.12 17:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\CyberLink
[2012.06.22 09:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Garmin
[2009.06.17 16:40:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Hamachi
[2010.07.21 13:38:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\HP
[2011.03.13 17:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\HpUpdate
[2009.10.01 21:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\ICQ
[2009.05.30 16:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Identities
[2011.01.16 12:08:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Image Zone Express
[2009.07.01 17:35:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\IrfanView
[2009.06.01 12:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Macromedia
[2009.12.19 14:54:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Malwarebytes
[2010.12.11 21:50:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Media Player Classic
[2011.09.20 13:20:07 | 000,000,000 | --SD | M] -- C:\Documents and Settings\VANEK\Data aplikací\Microsoft
[2009.06.01 12:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Microsoft Web Folders
[2011.06.28 14:41:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Mikrotik
[2009.11.23 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Mozilla
[2009.07.20 17:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Nero
[2010.02.24 22:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Nokia
[2009.06.05 13:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Opera
[2012.09.16 10:51:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Oracle
[2009.08.24 23:55:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\PC Suite
[2009.08.01 11:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\QIP
[2012.06.08 09:48:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Real
[2013.01.22 22:11:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Skype
[2010.12.15 16:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\skypePM
[2011.05.02 15:33:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\SmarThru4
[2009.12.06 16:14:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Sun
[2009.06.01 12:17:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\TuneUp Software
[2009.06.01 14:53:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\WinRAR
[2009.06.05 12:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\VANEK\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2010.12.14 21:25:50 | 000,506,024 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\setup3.13\setup.exe
[2011.01.27 08:43:42 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\setup3.14\setup.exe
[2012.09.27 19:17:57 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg0\rnupgagent.exe
[2012.10.09 19:45:19 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg1\rnupgagent.exe
[2012.10.22 11:33:07 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg2\rnupgagent.exe
[2012.11.07 15:34:49 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg3\rnupgagent.exe
[2012.12.16 18:05:24 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg4\rnupgagent.exe
[2012.12.26 10:56:44 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg5\rnupgagent.exe
[2013.01.03 10:56:55 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg6\rnupgagent.exe
[2013.01.12 16:40:24 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\temp\~Upg7\rnupgagent.exe
[2012.12.16 18:05:24 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
[2012.12.16 21:09:50 | 039,416,288 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_data\RealPlayer.exe
[2012.12.16 21:06:08 | 000,765,248 | ---- | M] (RealNetworks, Inc.) -- C:\Documents and Settings\VANEK\Data aplikací\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\stub_exe\RealPlayer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.01.25 16:17:01 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.01.25 15:01:50 | 000,000,278 | ---- | M] () -- C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-1547161642-682003330-1004.job
[2013.01.25 15:01:43 | 000,000,286 | ---- | M] () -- C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-1547161642-682003330-1004.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.09.12 14:15:14 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.05.30 16:35:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.05.30 16:35:46 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.05.30 16:35:46 | 000,503,808 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.25 15:01:22 | 000,201,044 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.01.25 15:01:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.08.13 18:53:07 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >
[2011.08.11 10:47:36 | 000,947,056 | ---- | M] (Opera Software) MD5=1BE8F8E2758C352280990A170DDD696D -- C:\Program Files\Opera\opera.exe

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.26 14:53:52 | 000,000,512 | ---- | M] () MD5=2E25EB29EE67B38F7BBC3CE81A4281EF -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.05.31 16:30:16 | 000,012,512 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012.05.31 16:30:16 | 000,000,319 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2010.07.28 22:10:23 | 000,000,054 | ---- | M] () -- \Documents and Settings\VANEK\Data aplikací\Macromedia\Flash Player\#SharedObjects\WQH8KNVR\media.mtvnservices.com\player\loader\loaderLogging.sol
[2010.12.23 00:17:26 | 000,000,121 | ---- | M] () -- \Documents and Settings\VANEK\Data aplikací\Macromedia\Flash Player\#SharedObjects\WQH8KNVR\service.cdn.videoplaza.com\com.videoplaza.bootloader.sol
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2008.06.24 12:45:14 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2010.11.04 09:37:28 | 000,335,872 | ---- | M] () -- \Program Files\Common Files\Nokia\Service Layer\A\nsl_loader.dll
[2010.10.28 13:29:30 | 000,131,072 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.03.01 11:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 11:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2009.06.07 08:49:33 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2009.09.28 14:59:58 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\coreg\preloader04.swf
[2009.08.03 16:03:59 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\my_xtraz\preloader04.swf
[2011.02.03 23:25:50 | 000,003,830 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\rps\preloader02.swf
[2011.02.03 22:53:54 | 000,003,830 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\slide-a-lama\preloader02.swf
[2011.02.03 23:45:51 | 000,003,830 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\zoopaloola\preloader02.swf
[2009.06.05 17:19:50 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2010.12.09 12:10:30 | 000,003,072 | ---- | M] () -- \Program Files\Nokia\Nokia PC Suite 7\Lang\MapLoader_cze.NLR
[2009.08.27 16:12:10 | 000,114,688 | ---- | M] () -- \Program Files\SmarThru 4\WebUploaderLib.dll
[2009.08.27 15:45:22 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\English\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:45:42 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\French\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:46:08 | 000,000,196 | ---- | M] () -- \Program Files\SmarThru 4\German\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:47:42 | 000,000,203 | ---- | M] () -- \Program Files\SmarThru 4\Hungarian\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:47:32 | 000,000,184 | ---- | M] () -- \Program Files\SmarThru 4\Chinese (Traditional)\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:45:00 | 000,000,178 | ---- | M] () -- \Program Files\SmarThru 4\Chinese\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:46:20 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Italian\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:46:30 | 000,000,191 | ---- | M] () -- \Program Files\SmarThru 4\Korean\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:48:00 | 000,000,194 | ---- | M] () -- \Program Files\SmarThru 4\Polish\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:47:00 | 000,000,190 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese (Brazilian)\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:47:10 | 000,000,192 | ---- | M] () -- \Program Files\SmarThru 4\Portuguese\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:46:40 | 000,000,200 | ---- | M] () -- \Program Files\SmarThru 4\Russian\SmarThruRes-WebUploaderLib.xml
[2009.08.27 15:46:48 | 000,000,193 | ---- | M] () -- \Program Files\SmarThru 4\Spanish\SmarThruRes-WebUploaderLib.xml
[2010.06.21 20:30:06 | 000,007,928 | ---- | M] () -- \Program Files\Sweet Home 3D\THIRDPARTY-LICENSE-LOADER3DS.TXT
[2010.06.21 20:30:06 | 000,050,157 | ---- | M] () -- \Program Files\Sweet Home 3D\lib\Loader3DS1_2u.jar
[2003.09.26 07:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 13:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 13:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 13:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2008.06.20 15:43:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.09.11 17:40:11 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2007.06.19 05:29:36 | 000,070,400 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

VIRY.CZ

pomaly PC, otevira se slozka pri startu PC,..

pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..

Re: pomaly PC, otevira se slozka pri startu PC,..