Prosím o kontrolu logu

[aaa_eli]

Stále mi to píše, že systém nemůže najít soubor frst.exe...

[vyosek]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

[aaa_eli]

OTL logfile created on: 1.8.2013 22:13:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bobo\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,97 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 37,71% Memory free
5,93 Gb Paging File | 3,51 Gb Available in Paging File | 59,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 22,49 Gb Free Space | 38,45% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 8,87 Gb Free Space | 15,14% Space Free | Partition Type: NTFS
Drive E: | 348,57 Gb Total Space | 6,74 Gb Free Space | 1,93% Space Free | Partition Type: NTFS

Computer Name: BOBO-PC | User Name: Bobo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.08.01 22:10:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bobo\Desktop\OTL.exe
PRC - [2013.07.24 13:47:17 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013.07.03 08:29:20 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.07.01 08:56:03 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.07.01 08:55:50 | 000,076,856 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.07.01 08:55:47 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.07.01 08:55:47 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.05.22 10:30:52 | 000,661,360 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\saUI.exe
PRC - [2013.05.22 10:23:58 | 000,101,552 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2013.05.10 09:57:24 | 001,465,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.07.26 14:16:12 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2011.06.15 14:13:40 | 007,341,560 | ---- | M] (Astonsoft Ltd) -- C:\Program Files\EssentialPIM\EssentialPIM.exe
PRC - [2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.12.03 21:28:08 | 000,026,112 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009.08.18 03:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2008.07.15 18:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2006.09.28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.03.15 18:52:48 | 001,572,864 | ---- | M] (Arovax) -- C:\Program Files\Arovax AntiSpyware\ArovaxAntiSpyware.exe
PRC - [2006.01.24 20:26:08 | 000,090,112 | ---- | M] () -- E:\Program Files\ShutDown v1.22a\shut_down.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.24 13:47:17 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2013.07.03 08:29:19 | 003,285,912 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.06.16 19:34:08 | 000,073,216 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Accessibility.CZE
MOD - [2013.05.29 11:39:50 | 000,013,824 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.CZE
MOD - [2013.05.29 11:39:37 | 000,097,792 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.CZE
MOD - [2013.05.29 11:39:36 | 001,133,568 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.CZE
MOD - [2013.05.29 11:39:36 | 000,300,544 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.CZE
MOD - [2013.05.29 11:39:35 | 001,284,096 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.CZE
MOD - [2013.05.29 11:39:22 | 000,022,016 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_SendMail.CZE
MOD - [2013.05.29 11:39:18 | 002,644,992 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.CZE
MOD - [2013.05.29 11:39:12 | 009,393,152 | ---- | M] () -- C:\Users\Bobo\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.cze
MOD - [2013.05.10 09:57:52 | 000,054,784 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\Locale\cs_CZ\BRdlang32.CZE
MOD - [2013.05.10 09:57:24 | 000,305,728 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012.07.27 22:51:34 | 006,549,432 | ---- | M] () -- C:\Program Files\Adobe\Reader 10.0\Reader\authplay.dll
MOD - [2012.01.09 20:44:20 | 000,166,912 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2006.01.24 20:26:08 | 000,090,112 | ---- | M] () -- E:\Program Files\ShutDown v1.22a\shut_down.exe


========== Services (SafeList) ==========

SRV - [2013.07.24 13:47:17 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.07.03 08:29:19 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.07.01 08:56:03 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.07.01 08:55:47 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.05.22 10:23:58 | 000,101,552 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.12.03 21:28:08 | 000,026,112 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.07.15 18:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2006.09.28 11:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewdcsc.sys -- (Huawei)
DRV - [2013.03.21 17:52:39 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.21 17:52:39 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.21 17:52:39 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.01.25 15:24:57 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.05.13 19:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2011.05.13 19:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2011.01.26 12:31:28 | 000,805,888 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SmiUsbGrabber3C.sys -- (SMIGrabber3C)
DRV - [2010.11.20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:20 | 000,117,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.01.26 18:38:06 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.09.28 10:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.08.18 04:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2003.05.14 20:42:56 | 000,021,216 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2003.05.14 20:42:28 | 000,023,040 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmUsbHid.sys -- (WmUsbHid)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-567258679-2763995973-1723957497-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-567258679-2763995973-1723957497-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-567258679-2763995973-1723957497-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-567258679-2763995973-1723957497-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-567258679-2763995973-1723957497-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.17
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.autoconfig_url: "http://goproxing.co.uk/"
FF - prefs.js..network.proxy.http: "http://www.fastwebview.info/"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.06.30 20:33:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.03 08:29:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.03 08:29:15 | 000,000,000 | ---D | M]

[2012.01.29 16:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobo\AppData\Roaming\Mozilla\Extensions
[2012.01.29 16:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobo\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2013.07.31 17:56:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bobo\AppData\Roaming\Mozilla\Firefox\Profiles\u1lfwjo8.default\extensions
[2013.07.24 00:57:46 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Bobo\AppData\Roaming\Mozilla\Firefox\Profiles\u1lfwjo8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.04.05 16:03:52 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Bobo\AppData\Roaming\Mozilla\Firefox\Profiles\u1lfwjo8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013.07.31 17:56:33 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Bobo\AppData\Roaming\Mozilla\Firefox\Profiles\u1lfwjo8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.07.03 08:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.07.03 08:29:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.03 08:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.07.03 08:29:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.30 20:33:36 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2012.02.13 11:49:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2012.12.15 00:57:30 | 000,440,146 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15122 more lines...
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [Arovax AntiSpyware] C:\Program Files\Arovax AntiSpyware\arovaxantispyware.exe (Arovax)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [KeePass 2 PreLoad] E:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe ()
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKU\S-1-5-21-567258679-2763995973-1723957497-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-567258679-2763995973-1723957497-1000..\Run: [EssentialPIM] C:\Program Files\EssentialPIM\EssentialPIM.exe (Astonsoft Ltd)
O4 - HKU\S-1-5-21-567258679-2763995973-1723957497-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{037FFDF0-7E9C-44C1-91EF-D10FA7089E2B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBC72608-D628-4929-B87C-8BF4B7226B70}: NameServer = 10.1.1.0,10.1.1.100
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8329099a-76ac-11e1-895f-00247e8ca6d9}\Shell - "" = AutoRun
O33 - MountPoints2\{8329099a-76ac-11e1-895f-00247e8ca6d9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.08.01 22:10:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bobo\Desktop\OTL.exe
[2013.08.01 21:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Editor 2.0 Build 1011 + Patch
[2013.08.01 21:36:27 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit PDF Editor 2.0 Build 1011 + Patch
[2013.08.01 21:36:18 | 000,000,000 | ---D | C] -- C:\Users\Bobo\AppData\Local\Programs
[2013.08.01 21:25:31 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software
[2013.08.01 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Bobo\AppData\Local\qb10C53F96.2F
[2013.08.01 20:12:26 | 000,000,000 | ---D | C] -- C:\Users\Bobo\AppData\Local\qb10C4B40A.9A
[2013.07.31 16:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

========== Files - Modified Within 7 Days ==========

[2013.08.01 22:17:08 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.08.01 22:10:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bobo\Desktop\OTL.exe
[2013.08.01 21:45:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.08.01 21:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.08.01 21:36:30 | 000,001,341 | ---- | M] () -- C:\Users\Public\Desktop\Foxit PDF Editor 2.0 Build 1011 + Patch.lnk
[2013.08.01 21:25:32 | 000,001,111 | ---- | M] () -- C:\Users\Bobo\Desktop\Foxit PDF Editor.lnk
[2013.08.01 19:43:14 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.08.01 19:29:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.29 14:11:20 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.29 14:11:20 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.29 14:03:52 | 2387,816,448 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.28 14:18:31 | 000,691,192 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2013.07.28 14:18:31 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.07.28 14:18:31 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.28 14:18:31 | 000,132,940 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2013.07.28 14:18:31 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.07.28 14:18:31 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013.08.01 22:17:08 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.08.01 21:36:30 | 000,001,341 | ---- | C] () -- C:\Users\Public\Desktop\Foxit PDF Editor 2.0 Build 1011 + Patch.lnk
[2013.08.01 21:25:32 | 000,001,111 | ---- | C] () -- C:\Users\Bobo\Desktop\Foxit PDF Editor.lnk
[2013.05.21 21:06:43 | 000,000,037 | -HS- | C] () -- C:\Users\Bobo\AppData\Local\70149b02515b3bb20dd492.47983420
[2013.04.29 22:04:50 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2013.01.10 15:28:39 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2012.06.13 18:12:49 | 000,691,192 | ---- | C] () -- C:\Windows\System32\perfh013.dat
[2012.06.13 18:12:49 | 000,341,322 | ---- | C] () -- C:\Windows\System32\perfi013.dat
[2012.06.13 18:12:49 | 000,132,940 | ---- | C] () -- C:\Windows\System32\perfc013.dat
[2012.06.13 18:12:49 | 000,043,068 | ---- | C] () -- C:\Windows\System32\perfd013.dat
[2012.01.30 17:51:48 | 000,561,152 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2012.01.30 17:51:48 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2012.01.30 17:51:48 | 000,135,168 | ---- | C] () -- C:\Windows\System32\DVDIFOFilter.dll
[2012.01.25 03:01:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.06.16 14:42:30 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\BitTorrent
[2012.12.10 21:37:54 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\BSplayer
[2012.10.07 15:13:36 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\BSplayer Pro
[2013.04.29 22:05:00 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\CAD-KAS
[2012.01.25 15:28:00 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\DAEMON Tools Lite
[2013.07.27 11:41:17 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\EssentialPIM
[2013.06.03 15:12:26 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\FileZilla
[2013.07.26 09:53:04 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Garmin
[2012.03.07 21:45:07 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Kalypso Media
[2013.08.01 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\KeePass
[2012.04.12 18:18:20 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Telefónica Móviles
[2012.01.29 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\TomTom
[2012.03.29 21:47:28 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Tropico 3
[2012.12.09 11:37:52 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\TuneUp Software
[2012.12.22 19:01:18 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Ulead Systems
[2012.12.09 18:55:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.12.09 18:55:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.07.15 08:23:30 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Garmin
[2013.02.26 14:21:15 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Ulead Systems

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 06:53:46 | 000,015,438 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.04.04 02:18:57 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.29 00:31:33 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.29 00:31:34 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 23:29:06 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 23:29:03 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\explorer.exe
[2010.11.20 23:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 23:29:19 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 23:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2010.11.20 23:29:20 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 18:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 18:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012.03.30 12:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2012.03.30 11:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 23:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 23:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.01.25 18:22:54 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Adobe
[2013.01.20 10:35:13 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Avira
[2013.06.16 14:42:30 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\BitTorrent
[2012.12.10 21:37:54 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\BSplayer
[2012.10.07 15:13:36 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\BSplayer Pro
[2013.04.29 22:05:00 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\CAD-KAS
[2012.01.25 15:28:00 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\DAEMON Tools Lite
[2012.12.17 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\DivX
[2013.07.27 11:41:17 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\EssentialPIM
[2013.06.03 15:12:26 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\FileZilla
[2013.07.26 09:53:04 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Garmin
[2012.01.25 03:07:54 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Identities
[2012.03.07 21:45:07 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Kalypso Media
[2013.08.01 22:12:29 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\KeePass
[2012.01.25 03:34:17 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Macromedia
[2010.11.21 03:24:45 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Media Center Programs
[2013.05.21 21:05:54 | 000,000,000 | --SD | M] -- C:\Users\Bobo\AppData\Roaming\Microsoft
[2012.01.25 03:21:32 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Mozilla
[2013.08.01 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Skype
[2012.04.12 18:18:20 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Telefónica Móviles
[2012.01.29 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\TomTom
[2012.03.29 21:47:28 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Tropico 3
[2012.12.09 11:37:52 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\TuneUp Software
[2012.12.22 19:01:18 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\Ulead Systems
[2013.07.28 14:10:07 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\vlc
[2012.01.25 14:56:29 | 000,000,000 | ---D | M] -- C:\Users\Bobo\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 17:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2012.10.21 13:23:19 | 030,587,640 | ---- | M] () -- C:\Users\Bobo\AppData\Roaming\TomTom\HOME\Profiles\zgyiaorm.default\Updates\v2_9_2_2837_win.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.08.01 21:42:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.08.01 19:43:14 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.08.01 21:45:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.01.19 19:08:34 | 003,477,312 | ---- | M] (DT Soft Ltd)
"TomTomHOME.exe" = "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -- [2012.07.26 14:16:12 | 000,247,768 | ---- | M] (TomTom)
"EssentialPIM" = "C:\Program Files\EssentialPIM\EssentialPIM.exe" /autorun -- [2011.06.15 14:13:40 | 007,341,560 | ---- | M] (Astonsoft Ltd)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 23:29:41 | 001,174,016 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.01.08 13:59:26 | 018,705,664 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.07.03 08:29:20 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=C8D28F8B498CADBB9445AC4545BD41B7 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.10.08 10:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.08.01 22:17:08 | 000,000,512 | ---- | M] () MD5=F745221604F6A767D1132048B32424F2 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2013.07.01 08:55:50 | 000,050,232 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.07.01 08:55:51 | 000,231,480 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.07.01 08:55:51 | 001,711,672 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2010.03.24 21:12:34 | 000,249,680 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 21:12:34 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.01.25 15:25:45 | 000,057,728 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012.01.25 15:25:45 | 000,057,728 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012.01.25 15:25:46 | 000,057,728 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012.01.25 15:25:46 | 000,057,728 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012.01.25 15:25:46 | 000,057,728 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012.01.25 15:25:46 | 000,061,770 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012.01.25 15:25:47 | 000,061,770 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013.07.24 13:46:52 | 000,000,723 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4V5TGK5\downloaderror[1].js
[2013.07.24 13:46:52 | 000,001,174 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X4V5TGK5\downloader[1].js
[2012.04.21 20:22:40 | 000,096,123 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M94FB2CV\jsloader-0ee490dfd35b[1].js
[2012.04.21 20:22:40 | 000,016,803 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M94FB2CV\jsloader-28c719e26174[1].js
[2012.04.22 13:23:08 | 000,000,404 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M94FB2CV\loader[1].gif
[2012.04.21 15:48:58 | 000,004,178 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TQX08RGM\ajax-loader[1].gif
[2012.06.17 11:04:59 | 000,027,777 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TQX08RGM\yuiloader-min[1].js
[2012.06.17 11:04:48 | 000,008,787 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TT44FVTT\ajax-loader2[1].gif
[2012.04.21 20:22:40 | 000,095,466 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TT44FVTT\cssloader-8a5e0188ecff[1].css
[2012.04.21 15:52:37 | 000,004,178 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XJ76RGHO\ajax-loader[1].gif
[2012.04.21 20:22:40 | 000,000,936 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XJ76RGHO\jsloader-dc1594d7ad52-_newsletterLightbox[1].js
[2012.04.21 20:22:40 | 000,015,036 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XJ76RGHO\jsloader-eae6dbbee88f-jquery.fancybox.pack[1].js
[2012.04.21 20:22:40 | 000,015,207 | ---- | M] () -- \Users\Bobo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\XJ76RGHO\jsloader-f6367e1430a0-jquery.countdown[1].js
[2013.01.07 14:08:34 | 000,002,608 | ---- | M] () -- \Users\Bobo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\9QQBDBXX\loader-gallery[1].gif
[2013.01.07 14:26:16 | 000,000,673 | ---- | M] () -- \Users\Bobo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\9QQBDBXX\loader.white[1].gif
[2013.01.07 14:26:27 | 000,000,673 | ---- | M] () -- \Users\Bobo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\BQI5NLKA\loader.white[1].gif
[2013.01.07 13:56:24 | 000,000,668 | ---- | M] () -- \Users\Bobo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\BQI5NLKA\loader[1].gif
[2013.01.07 14:34:37 | 000,003,885 | ---- | M] () -- \Users\Bobo\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\PHTCR3TI\loader[1].js
[2009.07.14 14:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2010.11.21 03:16:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2010.11.21 03:16:08 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2010.11.21 03:16:08 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2012.03.25 22:00:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2012.03.25 22:00:59 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2012.03.25 22:00:59 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2012.06.10 13:57:50 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb.manifest
[2012.06.10 13:57:50 | 000,035,392 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb_winload.exe.mui_3bc5b827
[2012.06.10 13:57:50 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb_winresume.exe.mui_ff8b5358
[2010.11.20 23:31:02 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2010.11.20 23:31:02 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2010.11.20 23:31:02 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 04:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 04:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2010.11.21 03:15:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.13 18:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009.07.13 18:59:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_nl-nl_2f7b0187ce5f67eb.manifest
[2010.11.20 23:23:54 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[aaa_eli]

OTL Extras logfile created on: 1.8.2013 22:13:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bobo\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,97 Gb Total Physical Memory | 1,12 Gb Available Physical Memory | 37,71% Memory free
5,93 Gb Paging File | 3,51 Gb Available in Paging File | 59,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,50 Gb Total Space | 22,49 Gb Free Space | 38,45% Space Free | Partition Type: NTFS
Drive D: | 58,59 Gb Total Space | 8,87 Gb Free Space | 15,14% Space Free | Partition Type: NTFS
Drive E: | 348,57 Gb Total Space | 6,74 Gb Free Space | 1,93% Space Free | Partition Type: NTFS

Computer Name: BOBO-PC | User Name: Bobo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-567258679-2763995973-1723957497-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15C4419D-8137-4688-BB16-FAB43CFD94A8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{29BBF332-55EB-4854-AC6F-A4C28E0F0361}" = rport=139 | protocol=6 | dir=out | app=system |
"{53D1EC26-A41E-40F4-B983-60034BD6E6E2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{57E85D8E-845A-4B87-BDD9-BA4F5E0A3FAA}" = rport=137 | protocol=17 | dir=out | app=system |
"{5A9CE7A8-2749-4F18-BEE9-F5E3F3F96242}" = rport=138 | protocol=17 | dir=out | app=system |
"{5AE887A7-2C96-42FA-AC5A-2088B92ACACB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C8A55C6-CB87-42CF-BE24-ACAB1751A9F4}" = rport=445 | protocol=6 | dir=out | app=system |
"{6B7B086D-CE50-42E6-B9A3-AE39FCA407E5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E5EA667-170B-41BF-B5ED-431A42A6E964}" = lport=138 | protocol=17 | dir=in | app=system |
"{7F973012-71E5-4C04-9418-541275F9C5FF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{862307A4-E6AF-490D-BFF4-65257B1E596E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{898B9379-3CB4-4FFC-BCA3-425107BC553E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0A7296E-20BA-45D6-8897-D85BCFAEFAD4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B3F26F23-5EB8-42F0-BD30-023C25833C3E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B887B40D-BF30-4E4F-9268-78C4658FD4FA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CE3887CB-8078-44E1-9951-E3155D27A73D}" = lport=137 | protocol=17 | dir=in | app=system |
"{CF739199-3855-4B21-9742-307524658B79}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CFA094FE-416F-4ACD-AE86-2B44266CEE25}" = lport=445 | protocol=6 | dir=in | app=system |
"{DE4B7887-AF19-4B08-9397-E2F95854DEA4}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E211C649-6BAA-4ED7-8B76-02C6C5E31855}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E633707D-DCD7-495D-A359-FADA6D2AC186}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CAE09E-FFE5-455E-A027-30664226298D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{11EAA34D-C4D6-4ACD-8478-5F56C23A9259}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{20A33D90-AB4B-466A-A122-7521ACF86523}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2106800B-4552-4741-B30D-F5DF781EF000}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6941C67D-3235-4EB8-9422-2C681FDFF5E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75D24DBB-C16D-4EFA-A5A1-B9A4A0709A08}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79989076-6C81-49B1-B58B-2311505CB0B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{885D022B-FEE5-4597-9814-F439F02FF133}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8AD9F00C-86DA-4920-A23A-9C001E80700E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8C9E0079-E928-4920-AFA5-FD8A1D77F005}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BD10CE8D-D832-4DAF-AC30-79E67A175FF7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C16F3473-E7AD-41D9-A9E8-E0E9906A688C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CC1A24DB-1783-44E5-B474-11ED5A93BBBB}" = protocol=6 | dir=out | app=system |
"{D8257EE1-A421-44EC-98F1-90DB73082C81}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DAE776BA-7155-4F19-9919-6B9389D44DD4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DBC570F7-3E19-4B2E-A695-5364001C6D4A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DF659949-71AE-4F59-8C80-23124BAE419E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E339B646-4ED8-41A5-ADF0-8CA9A96384F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EBF8969F-064C-4313-85B0-A147261BCB7D}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"TCP Query User{10CB42E0-FED5-470E-A271-4ADFC8FD2AF6}C:\users\bobo\appdata\local\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\users\bobo\appdata\local\screamer radio\screamer.exe |
"TCP Query User{261B3994-54D0-4E27-89CE-1554458D6310}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{31661428-0AA8-478B-A674-67764ACF7797}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{52829FEB-F78D-4249-BE4F-A76243FAD4FF}C:\program files\raimaradio\raimaradio.exe" = protocol=6 | dir=in | app=c:\program files\raimaradio\raimaradio.exe |
"TCP Query User{6BF2F946-DF33-4ED8-81A4-15C3B6325801}E:\program files\iwebradioplayer\iwebradioplayer.exe" = protocol=6 | dir=in | app=e:\program files\iwebradioplayer\iwebradioplayer.exe |
"TCP Query User{E1408C75-4F55-46B2-AD77-457EF7F5B5BF}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{F21946E5-9527-46BF-B9E7-3D3D201E566E}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{4BCAFCB7-735C-4BB3-AB0D-2EA6D04AA749}E:\program files\iwebradioplayer\iwebradioplayer.exe" = protocol=17 | dir=in | app=e:\program files\iwebradioplayer\iwebradioplayer.exe |
"UDP Query User{777A851E-FBE6-4D02-B1B3-37F197184489}C:\program files\raimaradio\raimaradio.exe" = protocol=17 | dir=in | app=c:\program files\raimaradio\raimaradio.exe |
"UDP Query User{8F1E7D26-B147-4FFB-8991-1C4806187BDA}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{C9CFBB0C-84A5-4AFD-BC6F-312F7272F5FF}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{CDDF8DBB-4FBA-4FD9-B16C-1327E4724C4E}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{E70573DF-6C4A-42A6-8B55-EAEA862F1AE4}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{FC7F1A08-5003-4ECE-AC16-E107F3F87612}C:\users\bobo\appdata\local\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\users\bobo\appdata\local\screamer radio\screamer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series" = Canon MP550 series MP Drivers
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7173DBE9-1FC7-48AA-B4B5-8E7BFE388325}" = Testy Autoškola
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{B03B98E3-2795-48F6-BA33-793BBF5DF685}" = SMI Grabber Device
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C678593F-86FE-8711-0624-D9B244F1B672}_is1" = Foxit PDF Editor 2.0 Build 1011 + Patch version for Windows
"{CDF246AE-C6E3-438F-AA76-21700DCC15F6}" = inSSIDer 3
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F8920179-066B-2CB4-A983-9D341B19081D}_is1" = Foxit PDF Editor 2.0 Build 1011 + Patch version for Windows
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Arovax AntiSpyware" = Arovax AntiSpyware 1.0.647 Beta
"Autoškola professional_is1" = Autoškola professional 3.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitTorrent" = BitTorrent
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Lite" = DAEMON Tools Lite
"EssentialPIM" = EssentialPIM
"FileZilla Client" = FileZilla Client 3.6.0.2
"Foxit PDF Editor" = Foxit PDF Editor
"Free FLV Converter_is1" = Free FLV Converter
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.17
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NetStress_is1" = NetStress 1.0.8245
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Editor 3" = PDF Editor 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR 4.10 (32-bit)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22.7.2013 5:09:16 | Computer Name = Bobo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 22.7.2013 5:09:17 | Computer Name = Bobo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 22.7.2013 5:09:24 | Computer Name = Bobo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 22.7.2013 5:13:54 | Computer Name = Bobo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 23.7.2013 18:24:02 | Computer Name = Bobo-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 23.7.2013 20:18:48 | Computer Name = Bobo-PC | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\program files\spybot - search
& destroy\DelZip179.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\spybot - search & destroy\DelZip179.dll na řádku 8. Hodnota * atributu language
v prvku assemblyIdentity je neplatná.

Error - 24.7.2013 4:23:07 | Computer Name = Bobo-PC | Source = WinMgmt | ID = 10
Description =

Error - 26.7.2013 3:50:35 | Computer Name = Bobo-PC | Source = WinMgmt | ID = 10
Description =

Error - 27.7.2013 8:17:13 | Computer Name = Bobo-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.7.2013 8:05:43 | Computer Name = Bobo-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 6.1.2013 11:32:18 | Computer Name = Bobo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 6.1.2013 17:45:35 | Computer Name = Bobo-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 6.1.2013 23:59:22 | Computer Name = Bobo-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 6.1.2013 23:59:22 | Computer Name = Bobo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 6.1.2013 23:59:25 | Computer Name = Bobo-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 6.1.2013 23:59:41 | Computer Name = Bobo-PC | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 7.1.2013 4:53:27 | Computer Name = Bobo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 7.1.2013 6:17:29 | Computer Name = Bobo-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 7.1.2013 6:52:27 | Computer Name = Bobo-PC | Source = Service Control Manager | ID = 7023
Description = Služba Instalační služba modulů systému Windows byla ukončena s následující
chybou: %%998

Error - 7.1.2013 6:52:57 | Computer Name = Bobo-PC | Source = DCOM | ID = 10010
Description =


< End of report >

[vyosek]

Prodávající se zaručil, že je to legální a

Tak se za nim zastavte, proc tedy na legalni systemy musi aplikovat legalizatory, utilitky, ktere to aktivuji a obchazi se tak licence.

Dale vam pak musi dat instalacni medium se seriovym cislem nebo nalepit COA stitek, nebo jak treba nyni prokazete obchodni inspekci, ze to mate legalni. Ze to instaloval nekdo, to je hezka pohadka, ale to vam nesezerou...

[aaa_eli]

Tak děkuji za velmi užitečnou odpověď. Místo, abyste mi pomohl, tak mě tady buzerujete, že asi nemám legální windows. Je mi to fuk, co tam je. Hlavně, že to šlape.

[vyosek]

Ze Vam je to jedno me nejak netizi, ale my tu mame sva pravidla, ktera jsme se zavazali dodrzovat i mezinaordni alianci ASAP. A dale nepodporuje piratsky SW, porusovani autorskych prav a tim pachani trestneho cinu.

A jedno z pravidel je, ze nelegalni operacni systemy neresime, ale to byste vedel, kdybyste se racil si pravidla fora precist...

A dale Vas nikdo nebuzeroval, nijak nevytykal ani netrestal - od toho je obchodni inspekce a nasledne organy cinne v trestnim rizeni. Ja jsem jen poukazal na to, ze system, ktery prodejce nainstaloval a zrejme si i nechal zaplatit, Vas nejspise podvedl a jen si shrabl penize....