skáče mi do vyhledavače deltasearch a avast se může zbláznit

Zpráva

J.Tonner · #16 Příspěvek od **J.Tonner** » 01 říj 2013 16:55

OTL logfile created on: 1.10.2013 17:32:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jiří Tonner\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,74% Memory free
2,60 Gb Paging File | 2,05 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 100,23 Gb Free Space | 67,25% Space Free | Partition Type: NTFS

Computer Name: JIRKA | User Name: Jiří Tonner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.10.01 17:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří Tonner\Plocha\OTL.exe
PRC - [2013.09.17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013.07.23 09:08:38 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013.06.28 09:26:16 | 000,086,016 | ---- | M] (Dassault Systèmes) -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
PRC - [2013.06.23 15:55:32 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2010.05.20 16:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2010.05.20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2008.04.14 05:22:22 | 001,247,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2013.10.01 09:46:49 | 002,102,784 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13100100\algo.dll
MOD - [2013.09.17 05:21:27 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppgooglenaclpluginchrome.dll
MOD - [2013.09.17 05:21:25 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
MOD - [2013.09.17 05:20:31 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
MOD - [2013.08.16 14:06:51 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.14 21:48:26 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013.08.14 21:42:28 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013.08.14 21:42:19 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a12a09aaa2c560a808dea7eaba5040c1\System.Windows.Forms.ni.dll
MOD - [2013.08.14 21:41:53 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.14 21:39:48 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.08.14 21:27:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.07.11 21:58:24 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013.06.28 09:26:54 | 002,623,449 | ---- | M] () -- C:\Program Files\Dassault Systemes\DraftSight\bin\QtCore4.dll
MOD - [2013.06.28 09:26:54 | 000,948,185 | ---- | M] () -- C:\Program Files\Dassault Systemes\DraftSight\bin\QtNetwork4.dll
MOD - [2013.06.28 09:26:54 | 000,387,546 | ---- | M] () -- C:\Program Files\Dassault Systemes\DraftSight\bin\QtXml4.dll
MOD - [2012.09.08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
MOD - [2012.09.08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.10.02 16:41:38 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2007.09.20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2013.09.20 10:55:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013.06.28 09:26:16 | 000,086,016 | ---- | M] (Dassault Systèmes) [Auto | Running] -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe -- (DraftSight API Service)
SRV - [2013.06.23 15:55:32 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.05.20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008.09.30 19:03:45 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2006.12.14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 02:46:16 | 000,057,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JITONN~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.30 09:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.30 09:48:12 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013.08.30 09:48:12 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.08.30 09:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.30 09:48:11 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.08.30 09:48:11 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013.03.13 19:01:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.06.27 10:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012.06.27 10:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2012.06.27 10:37:56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2012.06.27 10:37:56 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2012.06.27 10:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 08:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011.04.30 14:00:20 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010.10.01 09:35:36 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2010.05.20 16:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.30 11:50:52 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.01.20 09:07:58 | 000,033,292 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007.02.28 15:42:00 | 000,080,896 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2005.06.29 17:35:10 | 003,173,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005.05.23 13:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.05.23 13:30:48 | 000,178,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.05.23 13:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.05.03 08:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005.04.30 17:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2001.08.17 22:51:20 | 000,020,752 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
DRV - [2000.12.05 17:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\B5C76F0178FF47C69E968A14A93E7DB5: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLJ_cs
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.09.15 21:35:49 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\Ji\u0159\u00ED Tonner\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.09.30 21:19:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Jiří Tonner\Nabídka Start\Programy\Po spuštění\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Clip Image - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_23.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDow ... eqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2551E630-CAD5-4660-9B8F-7A2217742985}: NameServer = 89.203.153.10,89.203.153.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E00D4C58-D280-45DA-AACE-668F8BBBDF62}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.at3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.vorbis - C:\Program Files\ACE Mega CoDecS Pack\SystemS\OGG\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.ap41 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.div3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.div5 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.div6 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32f.dll (Hacked with Joy !)
Drivers32: vidc.divx - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\DivX520.dll (DivXNetworks, Inc.)
Drivers32: vidc.dvcp - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.dvx4 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\DivX4.dll (DivXNetworks, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.mpg3 - C:\Program Files\ACE Mega CoDecS Pack\SystemS\DivX\divxc32.dll (Hacked with Joy !)
Drivers32: vidc.sony - C:\Program Files\ACE Mega CoDecS Pack\SystemS\SONY\sonydv.dll (Sony Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.VP60 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\WINDOWS\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\WINDOWS\System32\vp7vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\Program Files\ACE Mega CoDecS Pack\SystemS\XviD\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.10.01 17:28:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jiří Tonner\Plocha\OTL.exe
[2013.09.30 20:49:06 | 000,000,000 | ---D | C] -- C:\FRST
[2013.09.30 20:14:58 | 000,111,616 | ---- | C] (forum.viry.cz) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRSTLauncher.exe
[2013.09.30 20:11:00 | 001,086,873 | ---- | C] (Farbar) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRST.exe
[2013.09.30 19:52:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.30 19:39:32 | 001,030,305 | ---- | C] (Thisisu) -- C:\Documents and Settings\Jiří Tonner\Plocha\JRT.exe
[2013.09.30 19:04:22 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.30 15:49:24 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jiří Tonner\Recent
[2013.09.28 20:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiří Tonner\Plocha\Janinka 2 roky

========== Files - Modified Within 7 Days ==========

[2013.10.01 17:35:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.01 17:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří Tonner\Plocha\OTL.exe
[2013.10.01 06:30:37 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.10.01 06:30:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.10.01 06:23:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.10.01 06:23:38 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.09.30 21:19:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.09.30 20:55:25 | 000,004,196 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\Addition.rar
[2013.09.30 20:47:05 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\MSGBOX.EXE
[2013.09.30 20:47:05 | 000,015,326 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat
[2013.09.30 20:14:59 | 000,111,616 | ---- | M] (forum.viry.cz) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRSTLauncher.exe
[2013.09.30 20:11:13 | 001,086,873 | ---- | M] (Farbar) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRST.exe
[2013.09.30 19:47:35 | 001,042,066 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\adwcleaner.exe
[2013.09.30 19:39:46 | 001,030,305 | ---- | M] (Thisisu) -- C:\Documents and Settings\Jiří Tonner\Plocha\JRT.exe
[2013.09.30 19:04:03 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\RSIT.exe
[2013.09.29 20:33:44 | 000,000,544 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2013.09.29 08:36:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.09.25 21:10:19 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\Microsoft Office Excel 2007.lnk

========== Files Created - No Company Name ==========

[2013.10.01 17:35:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.30 20:55:25 | 000,004,196 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\Addition.rar
[2013.09.30 20:47:05 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\MSGBOX.EXE
[2013.09.30 20:47:05 | 000,015,326 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat
[2013.09.30 19:47:31 | 001,042,066 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\adwcleaner.exe
[2013.09.30 19:03:57 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\RSIT.exe
[2013.06.28 11:03:27 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.26 21:39:20 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.26 21:39:18 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.03.20 20:49:26 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.20 20:49:25 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.11.15 17:42:50 | 000,057,904 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012.02.16 07:41:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.09 22:40:34 | 001,512,332 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-602162358-1390067357-725345543-1003-0.dat
[2012.02.02 23:03:04 | 000,399,106 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2010.08.22 21:13:39 | 000,280,066 | ---- | C] () -- C:\Program Files\Photoshop CS5 Beni Oku.pdf
[2010.08.22 21:13:39 | 000,280,010 | ---- | C] () -- C:\Program Files\Read Me Photoshop CS5.pdf
[2010.08.22 21:13:39 | 000,267,867 | ---- | C] () -- C:\Program Files\Photoshop CS5 – Čtěte.pdf
[2010.08.22 21:13:38 | 000,292,831 | ---- | C] () -- C:\Program Files\Photoshop CS5 - fontos tudnivalók.pdf
[2010.08.22 21:13:38 | 000,273,790 | ---- | C] () -- C:\Program Files\Photoshop CS5 - Czytaj mnie.pdf
[2009.05.18 16:10:54 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\$_hpcst$.hpc
[2009.02.05 19:05:55 | 000,004,116 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\mainhst.zgh
[2008.10.22 15:13:23 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\8B2B1CCDF4.sys
[2008.10.22 15:13:22 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2008.09.01 16:16:30 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DVDSubEdit.ini
[2008.03.30 11:07:53 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\default.pls
[2008.03.18 19:30:29 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\.rnd
[2007.12.06 16:12:47 | 000,240,640 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.30 12:48:47 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat

========== ZeroAccess Check ==========

[2008.01.03 15:11:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.06.26 19:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.03.20 20:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.12.08 17:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Dassault Systemes
[2008.09.30 19:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
[2010.10.21 20:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easy Driver Pro
[2012.02.02 20:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Freemake
[2009.07.08 17:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.09.22 20:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2010.10.13 19:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MemeoCommon
[2008.02.10 17:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.06.06 08:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Panasonic
[2008.01.22 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.08 17:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PCSettings
[2010.08.23 17:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2012.01.18 20:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2010.11.29 20:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.12.27 18:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\tmp
[2011.02.17 14:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\W3i
[2008.10.07 08:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009.09.11 09:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012.01.28 21:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\AnvSoft
[2010.01.13 19:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\BitTorrent
[2010.10.28 18:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\calibre
[2012.02.24 08:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.31 22:08:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Chromeflower
[2008.10.31 22:08:27 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\CrystalSpace
[2008.03.30 11:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DAEMON Tools
[2008.09.30 19:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DassaultSystemes
[2013.09.01 09:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DraftSight
[2013.06.26 19:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\driveridentifier
[2008.09.30 19:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\EDrawings
[2009.11.18 20:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Facebook
[2012.01.28 20:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\FreeAudioPack
[2012.01.28 19:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\FreeVideoConverter
[2009.04.03 12:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\GARMIN
[2008.08.24 20:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\ICQ
[2008.05.20 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\LangSoft
[2008.02.18 11:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Leadertech
[2012.11.16 21:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Maxthon3
[2008.08.19 18:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Nokia
[2009.08.30 16:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\PC Suite
[2010.09.14 16:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Seagate
[2012.11.14 21:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\SoundSpectrum
[2010.08.24 17:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.28 23:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Uniblue
[2012.01.30 19:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\uTorrent
[2011.01.03 20:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Desktop Search
[2008.01.03 18:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Live Writer
[2011.01.05 22:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Search
[2009.02.05 22:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\WordToPDF
[2009.08.11 21:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\ZipGenius
[2010.09.14 16:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Seagate

========== Purity Check ==========

========== Custom Scans ==========

< >
[2007.11.27 20:03:21 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2007.11.27 20:10:47 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.09.06 13:53:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.09.06 13:53:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.09.06 13:53:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.09.06 13:53:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2011.02.08 03:16:22 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,247,232 | ---- | M] (Microsoft Corporation) MD5=C719E59B185E4E91ED301C90B911350D -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,247,232 | ---- | M] (Microsoft Corporation) MD5=C719E59B185E4E91ED301C90B911350D -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.09.06 13:53:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.09.06 13:53:06 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: SCECLI.DLL >
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 05:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >
[2011.12.08 17:09:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Dassault Systemes
[2010.01.04 09:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.02.26 19:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Adobe
[2010.08.24 17:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Adobe Mini Bridge CS5
[2008.02.07 17:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\AdobeUM
[2012.01.28 21:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\AnvSoft
[2013.06.04 17:17:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Apple Computer
[2010.01.13 19:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\BitTorrent
[2010.10.28 18:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\calibre
[2012.02.24 08:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.31 22:08:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Chromeflower
[2008.11.01 20:39:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Corel
[2008.10.31 22:08:27 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\CrystalSpace
[2008.03.30 11:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DAEMON Tools
[2008.09.30 19:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DassaultSystemes
[2013.09.01 09:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DraftSight
[2013.06.26 19:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\driveridentifier
[2008.09.30 19:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\EDrawings
[2009.11.18 20:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Facebook
[2012.01.28 20:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\FreeAudioPack
[2012.01.28 19:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\FreeVideoConverter
[2009.04.03 12:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\GARMIN
[2007.11.30 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Google
[2012.07.04 11:38:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\HpUpdate
[2008.08.24 20:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\ICQ
[2007.11.27 20:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Identities
[2010.06.06 11:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\InstallShield
[2008.05.20 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\LangSoft
[2008.02.18 11:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Leadertech
[2010.06.06 12:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Logishrd
[2010.06.06 12:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Logitech
[2010.11.24 19:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Macromedia
[2012.02.24 21:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Malwarebytes
[2012.11.16 21:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Maxthon3
[2011.02.26 19:38:32 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Microsoft
[2012.11.16 21:51:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Mozilla
[2008.03.15 22:18:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Nero
[2008.05.25 15:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\NeroDigital™
[2008.08.19 18:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Nokia
[2009.08.30 16:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\PC Suite
[2011.12.07 21:40:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Real
[2010.09.14 16:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Seagate
[2013.09.20 18:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Skype
[2011.07.01 05:12:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\skypePM
[2007.12.31 11:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Sony Corporation
[2012.11.14 21:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\SoundSpectrum
[2010.08.24 17:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2008.06.20 11:08:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Sun
[2008.07.13 13:07:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\SUPERAntiSpyware.com
[2009.07.08 17:06:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Symantec
[2012.01.28 23:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Uniblue
[2012.01.30 19:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\uTorrent
[2011.01.03 20:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Desktop Search
[2008.01.03 18:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Live Writer
[2011.01.05 22:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Search
[2007.12.24 12:14:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\WinRAR
[2009.02.05 22:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\WordToPDF
[2009.08.11 21:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\ZipGenius

< %APPDATA%\*.exe /s >
[2009.11.18 19:30:21 | 000,031,236 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Facebook\uninstall.exe
[2013.04.17 17:12:29 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.03.22 14:27:20 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.03.30 11:50:52 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2007.11.27 21:58:51 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.11.27 21:58:51 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.11.27 21:58:51 | 000,458,752 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.10.01 06:30:37 | 000,022,745 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.10.01 06:30:31 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.09.17 05:21:30 | 000,829,392 | ---- | M] (Google Inc.) MD5=E7148BB584830E51AFD414CE9AEAE74C -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.10.01 17:35:09 | 000,000,512 | ---- | M] () MD5=2CD8CA30F6D4A8B78E72D5EB42CF2BEB -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.12.04 18:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 18:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 18:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2013.04.20 21:57:12 | 000,000,831 | ---- | M] () -- \Program Files\Evernote\Evernote\EvernoteIERes\scripts\ContextMenuLoader.js
[2012.12.13 15:00:54 | 000,000,309 | ---- | M] () -- \Program Files\Evernote\Evernote\EvernoteIERes\scripts\JQueryLoader.js
[2012.12.27 12:01:46 | 000,001,884 | ---- | M] () -- \Program Files\Evernote\Evernote\EvernoteIERes\scripts\Loader.js
[2013.04.20 21:57:12 | 000,000,604 | ---- | M] () -- \Program Files\Evernote\Evernote\EvernoteIERes\scripts\NotebooksLoader.js
[2013.02.19 14:03:20 | 000,001,308 | ---- | M] () -- \Program Files\Evernote\Evernote\EvernoteIERes\scripts\TagsCachedLoader.js
[2013.02.09 03:39:28 | 000,000,934 | ---- | M] () -- \Program Files\Google\Picasa3\runtime\gpuploader_main.fen
[2009.10.06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 1050 J410 series\Bin\HelpViewer\Resources\Loader.gif
[2012.08.31 04:27:28 | 000,057,216 | ---- | M] () -- \Program Files\Maxthon3\Bin\MxAppLoader.exe
[2012.08.31 04:27:29 | 000,781,696 | ---- | M] () -- \Program Files\Maxthon3\Bin\MxDownloader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer1431\ImLoader.dll
[2006.12.23 18:37:56 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2009.11.11 21:06:43 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2010.10.22 13:43:22 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.10.22 13:46:42 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< End of report >

J.Tonner · #17 Příspěvek od **J.Tonner** » 01 říj 2013 16:56

OTL Extras logfile created on: 1.10.2013 17:32:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jiří Tonner\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 70,74% Memory free
2,60 Gb Paging File | 2,05 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 100,23 Gb Free Space | 67,25% Space Free | Partition Type: NTFS

Computer Name: JIRKA | User Name: Jiří Tonner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- C:\Program Files\Maxthon3\Bin\Maxthon.exe (Maxthon International ltd.)

[HKEY_USERS\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- "C:\Program Files\Maxthon3\Bin\Maxthon.exe" "%1" (Maxthon International ltd.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"25132:TCP" = 25132:TCP:*:Disabled:BitComet 25132 TCP
"25132:UDP" = 25132:UDP:*:Disabled:BitComet 25132 UDP
"990:TCP" = 990:TCP:*:Disabled:ActiveSync
"5679:UDP" = 5679:UDP:*:Disabled:ActiveSync
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeExp.exe" = C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"C:\Program Files\Windows Media Player\wmplayer.exe" = C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe" = C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe:*:Disabled:Adobe Bridge CS5
"C:\Program Files\Adobe\Adobe Device Central CS5\DeviceCentral.exe" = C:\Program Files\Adobe\Adobe Device Central CS5\DeviceCentral.exe:*:Disabled:Adobe Device Central CS5
"C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe" = C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe:*:Disabled:Adobe ExtendScript Toolkit 2
"C:\Program Files\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe" = C:\Program Files\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe:*:Disabled:Adobe Extension Manager CS5
"C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe" = C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe:*:Disabled:Adobe Photoshop CS5
"C:\Program Files\Adobe\Adobe Help\Adobe Help.exe" = C:\Program Files\Adobe\Adobe Help\Adobe Help.exe:*:Enabled:Adobe Help
"C:\Program Files\Adobe Media Player\Adobe Media Player.exe" = C:\Program Files\Adobe Media Player\Adobe Media Player.exe:*:Enabled:Adobe Media Player -- ()
"C:\Program Files\Microsoft LifeCam\LifeCam.exe" = C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeEnC2.exe" = C:\Program Files\Microsoft LifeCam\LifeEnC2.exe:*:Enabled:LifeEnC2.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft LifeCam\LifeTray.exe" = C:\Program Files\Microsoft LifeCam\LifeTray.exe:*:Enabled:LifeTray.exe -- (Microsoft Corporation)
"C:\Program Files\Yamicsoft\WinXP Manager\1-ClickCleaner.exe" = C:\Program Files\Yamicsoft\WinXP Manager\1-ClickCleaner.exe:*:Disabled:1-Click Cleaner
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Disabled:Nero Home
"C:\Program Files\Maxthon3\Bin\Maxthon.exe" = C:\Program Files\Maxthon3\Bin\Maxthon.exe:*:Enabled:Maxthon -- (Maxthon International ltd.)
"C:\Program Files\Maxthon3\Bin\MxUp.exe" = C:\Program Files\Maxthon3\Bin\MxUp.exe:*:Enabled:MxUp -- (Maxthon International ltd.)
"C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe" = C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:Instalace zařízení HP -- (Hewlett-Packard Co.)
"C:\Program Files\PANDORA.TV\PanService\PanProcess.exe" = C:\Program Files\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe" = C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe:*:Enabled:KMPProcess
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe" = C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 23
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Nápověda
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{61D6E4FB-1A62-4EB1-BE56-929B00C155CF}" = Wireless LAN Starter
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9EF18017-89DE-4ADB-B163-49425E9D901F}" = DraftSight
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}" = Evernote v. 4.6.7
"{A9FE59F0-5BFA-4FDF-84C6-F45457715379}" = InstallIQ Updater
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.04) - Czech
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2297D80-241F-405D-98D9-A9F56B03967C}" = Základní software zařízení HP Deskjet 1050 J410 series
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1150)
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}" = LAN-Express AS IEEE 802.11 Wireless LAN
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Internet Security
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_20030003" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CS Codec Solution_is1" = CS Codec Solution 1.10
"CTScheduler" = CTScheduler (remove only)
"CTSchedulerLite" = CTSchedulerLite (remove only)
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Magic ISO Maker v5.4 (build 0251)" = Magic ISO Maker v5.4 (build 0251)
"Maxthon3" = Maxthon 3
"MBSS Starfields_is1" = MBSS Starfields 2.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Speccy" = Speccy
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows Mobile Device Handbook" = Windows Mobile Resources
"WinRAR archiver" = WinRAR
"winusb0100" = Microsoft WinUsb 1.0
"winusb0200" = Microsoft WinUsb 2.0

========== Last 20 Event Log Errors ==========

[ OSession Events ]
Error - 25.9.2009 8:51:17 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30.9.2009 5:46:35 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30.9.2009 5:46:46 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 1
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13.10.2009 12:55:42 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 47
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13.10.2009 12:56:17 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 13.10.2009 12:58:09 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 93
seconds with 60 seconds of active time. This session ended with a crash.

Error - 16.10.2009 15:07:01 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20.10.2009 11:28:02 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 41
seconds with 0 seconds of active time. This session ended with a crash.

Error - 20.10.2009 11:28:12 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2.11.2009 14:50:01 | Computer Name = JIRKA | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 95
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 11.9.2013 21:09:37 | Computer Name = JIRKA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (120000 milisekund) čekání na připojení služby
Windows Search.

Error - 11.9.2013 21:09:37 | Computer Name = JIRKA | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 11.9.2013 21:09:38 | Computer Name = JIRKA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (120000 milisekund) čekání na připojení služby
Windows Search.

Error - 11.9.2013 21:09:38 | Computer Name = JIRKA | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 11.9.2013 21:10:07 | Computer Name = JIRKA | Source = DCOM | ID = 10010
Description = Server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 11.9.2013 21:11:30 | Computer Name = JIRKA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1053 při pokusu o spuštění služby WSearch
s argumenty za účelem spuštění serveru: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error - 11.9.2013 21:11:30 | Computer Name = JIRKA | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (120000 milisekund) čekání na připojení služby
Windows Search.

Error - 11.9.2013 21:11:30 | Computer Name = JIRKA | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 15.9.2013 14:53:21 | Computer Name = JIRKA | Source = WPDMTPDriver | ID = 80836
Description = MTP WPD Driver has failed to start. Error 0x8007001f.

Error - 1.10.2013 0:24:41 | Computer Name = JIRKA | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.

< End of report >

J.Tonner · #18 Příspěvek od **J.Tonner** » 01 říj 2013 18:47

stále stejná písnička...

#19 Příspěvek od **vyosek** » 01 říj 2013 21:16

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JITONN~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLJ_cs&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\B5C76F0178FF47C69E968A14A93E7DB5: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLJ_cs
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
3.09.30 20:47:05 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\MSGBOX.EXE
[2013.09.30 20:47:05 | 000,015,326 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat
[2008.10.22 15:13:23 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\8B2B1CCDF4.sys
[2008.10.22 15:13:22 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

J.Tonner · #20 Příspěvek od **J.Tonner** » 02 říj 2013 05:44

OTL logfile created on: 2.10.2013 6:36:51 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jiří Tonner\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 77,94% Memory free
2,60 Gb Paging File | 2,25 Gb Available in Paging File | 86,45% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 100,15 Gb Free Space | 67,19% Space Free | Partition Type: NTFS

Computer Name: JIRKA | User Name: Jiří Tonner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.10.01 17:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří Tonner\Plocha\OTL.exe
PRC - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.08.30 09:47:34 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2013.07.23 09:08:38 | 001,089,888 | ---- | M] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) -- C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
PRC - [2013.06.28 09:26:16 | 000,086,016 | ---- | M] (Dassault Systèmes) -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
PRC - [2013.06.23 15:55:32 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2010.05.20 16:27:24 | 000,762,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2010.05.20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2008.04.14 05:22:22 | 001,247,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2013.10.01 22:41:08 | 002,102,784 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13100103\algo.dll
MOD - [2013.08.16 14:06:51 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15fd2d2f4e709154b44187a6915db244\System.ServiceProcess.ni.dll
MOD - [2013.08.14 21:48:26 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\14d1a28674a9f78c5759e7dcf74a13fd\System.Configuration.ni.dll
MOD - [2013.08.14 21:42:28 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f93600ac836b9140e1df13bb0f6bfccf\System.Xml.ni.dll
MOD - [2013.08.14 21:42:19 | 012,434,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a12a09aaa2c560a808dea7eaba5040c1\System.Windows.Forms.ni.dll
MOD - [2013.08.14 21:41:53 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b34cb206ab0cec687c3730b14cdff57\System.Drawing.ni.dll
MOD - [2013.08.14 21:39:48 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\10df39542df7d48462451fc39bce8418\System.ni.dll
MOD - [2013.08.14 21:27:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2013.07.11 21:58:24 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\b14359470744c840c59fbe4e58034fd6\mscorlib.ni.dll
MOD - [2013.06.28 09:26:54 | 002,623,449 | ---- | M] () -- C:\Program Files\Dassault Systemes\DraftSight\bin\QtCore4.dll
MOD - [2013.06.28 09:26:54 | 000,948,185 | ---- | M] () -- C:\Program Files\Dassault Systemes\DraftSight\bin\QtNetwork4.dll
MOD - [2013.06.28 09:26:54 | 000,387,546 | ---- | M] () -- C:\Program Files\Dassault Systemes\DraftSight\bin\QtXml4.dll
MOD - [2012.09.08 13:16:30 | 000,433,664 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libxml2.dll
MOD - [2012.09.08 13:16:20 | 000,315,392 | ---- | M] () -- C:\Program Files\Evernote\Evernote\libtidy.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2013.09.20 10:55:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.08.30 09:47:33 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.08.30 09:47:31 | 000,137,960 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2013.06.28 09:26:16 | 000,086,016 | ---- | M] (Dassault Systèmes) [Auto | Running] -- C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe -- (DraftSight API Service)
SRV - [2013.06.23 15:55:32 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010.05.20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010.04.30 16:47:00 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2008.09.30 19:03:45 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2006.12.14 03:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006.12.14 03:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006.12.14 02:46:16 | 000,057,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JITONN~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - [2013.08.30 09:48:13 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.08.30 09:48:13 | 000,177,864 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.08.30 09:48:13 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.08.30 09:48:12 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.08.30 09:48:12 | 000,204,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2013.08.30 09:48:12 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.08.30 09:48:12 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.30 09:48:11 | 000,104,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswFW.sys -- (aswFW)
DRV - [2013.08.30 09:48:11 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.08.30 09:48:11 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.08.30 09:48:11 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013.03.13 19:01:58 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.06.27 10:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012.06.27 10:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2012.06.27 10:37:56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2012.06.27 10:37:56 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2012.06.27 10:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 08:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2011.04.30 14:00:20 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2010.10.01 09:35:36 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2010.05.20 16:27:26 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2009.07.13 17:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.30 11:50:52 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.01.20 09:07:58 | 000,033,292 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007.02.28 15:42:00 | 000,080,896 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifmsony.sys -- (tifmsony)
DRV - [2005.06.29 17:35:10 | 003,173,888 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2005.05.23 13:31:46 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.05.23 13:30:48 | 000,178,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.05.23 13:30:42 | 000,716,288 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.05.03 08:03:54 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005.04.30 17:01:56 | 003,281,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2001.08.17 22:51:20 | 000,020,752 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyNC.sys -- (SNC)
DRV - [2000.12.05 17:18:02 | 000,003,952 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\B5C76F0178FF47C69E968A14A93E7DB5: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLJ_cs
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.09.15 21:35:49 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Documents and Settings\Ji\u0159\u00ED Tonner\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Disk Google = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.09.30 21:19:53 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Evernote extension) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\Jiří Tonner\Nabídka Start\Programy\Po spuštění\EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-602162358-1390067357-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Clip Image - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Clip selection - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip this page - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Clip URL - C:\Program Files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Nová poznámka - C:\Program Files\Evernote\Evernote\\EvernoteIERes\NewNote.html ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_23.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\\EvernoteIERes\AddNote.html ()
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/ ... ontrol.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDow ... eqlab2.cab (System Requirements Lab Class)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2551E630-CAD5-4660-9B8F-7A2217742985}: NameServer = 89.203.153.10,89.203.153.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E00D4C58-D280-45DA-AACE-668F8BBBDF62}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\WINDOWS\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 7 Days ==========

[2013.10.01 20:22:36 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jiří Tonner\Recent
[2013.10.01 17:28:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jiří Tonner\Plocha\OTL.exe
[2013.09.30 20:49:06 | 000,000,000 | ---D | C] -- C:\FRST
[2013.09.30 20:14:58 | 000,111,616 | ---- | C] (forum.viry.cz) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRSTLauncher.exe
[2013.09.30 20:11:00 | 001,086,873 | ---- | C] (Farbar) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRST.exe
[2013.09.30 19:52:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.30 19:39:32 | 001,030,305 | ---- | C] (Thisisu) -- C:\Documents and Settings\Jiří Tonner\Plocha\JRT.exe
[2013.09.30 19:04:22 | 000,000,000 | ---D | C] -- C:\rsit
[2013.09.28 20:43:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jiří Tonner\Plocha\Janinka 2 roky

========== Files - Modified Within 7 Days ==========

[2013.10.02 06:22:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.10.02 06:22:02 | 000,022,745 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.10.02 06:21:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.10.02 06:21:36 | 2145,898,496 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.01 17:35:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.10.01 17:28:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jiří Tonner\Plocha\OTL.exe
[2013.09.30 21:19:53 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.09.30 20:55:25 | 000,004,196 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\Addition.rar
[2013.09.30 20:47:05 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\MSGBOX.EXE
[2013.09.30 20:47:05 | 000,015,326 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat
[2013.09.30 20:14:59 | 000,111,616 | ---- | M] (forum.viry.cz) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRSTLauncher.exe
[2013.09.30 20:11:13 | 001,086,873 | ---- | M] (Farbar) -- C:\Documents and Settings\Jiří Tonner\Plocha\FRST.exe
[2013.09.30 19:47:35 | 001,042,066 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\adwcleaner.exe
[2013.09.30 19:39:46 | 001,030,305 | ---- | M] (Thisisu) -- C:\Documents and Settings\Jiří Tonner\Plocha\JRT.exe
[2013.09.30 19:04:03 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\RSIT.exe
[2013.09.29 20:33:44 | 000,000,544 | ---- | M] () -- C:\WINDOWS\zipgenius.xml
[2013.09.29 08:36:12 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
[2013.09.25 21:10:19 | 000,002,473 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\Microsoft Office Excel 2007.lnk

========== Files Created - No Company Name ==========

[2013.10.01 17:35:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.09.30 20:55:25 | 000,004,196 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\Addition.rar
[2013.09.30 20:47:05 | 000,029,696 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\MSGBOX.EXE
[2013.09.30 20:47:05 | 000,015,326 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat
[2013.09.30 19:47:31 | 001,042,066 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\adwcleaner.exe
[2013.09.30 19:03:57 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Plocha\RSIT.exe
[2013.06.28 11:03:27 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.26 21:39:20 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.26 21:39:18 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.03.20 20:49:26 | 000,177,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.20 20:49:25 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.11.15 17:42:50 | 000,057,904 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012.02.16 07:41:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.09 22:40:34 | 001,512,332 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-602162358-1390067357-725345543-1003-0.dat
[2012.02.02 23:03:04 | 000,399,106 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2010.08.22 21:13:39 | 000,280,066 | ---- | C] () -- C:\Program Files\Photoshop CS5 Beni Oku.pdf
[2010.08.22 21:13:39 | 000,280,010 | ---- | C] () -- C:\Program Files\Read Me Photoshop CS5.pdf
[2010.08.22 21:13:39 | 000,267,867 | ---- | C] () -- C:\Program Files\Photoshop CS5 – Čtěte.pdf
[2010.08.22 21:13:38 | 000,292,831 | ---- | C] () -- C:\Program Files\Photoshop CS5 - fontos tudnivalók.pdf
[2010.08.22 21:13:38 | 000,273,790 | ---- | C] () -- C:\Program Files\Photoshop CS5 - Czytaj mnie.pdf
[2009.05.18 16:10:54 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\$_hpcst$.hpc
[2009.02.05 19:05:55 | 000,004,116 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\mainhst.zgh
[2008.10.22 15:13:23 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\8B2B1CCDF4.sys
[2008.10.22 15:13:22 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2008.09.01 16:16:30 | 000,000,763 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DVDSubEdit.ini
[2008.03.30 11:07:53 | 000,001,486 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\default.pls
[2008.03.18 19:30:29 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\.rnd
[2007.12.06 16:12:47 | 000,240,640 | ---- | C] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.30 12:48:47 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat

========== ZeroAccess Check ==========

[2008.01.03 15:11:59 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.06.26 19:25:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.03.20 20:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.12.08 17:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Dassault Systemes
[2008.09.30 19:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
[2010.10.21 20:49:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easy Driver Pro
[2012.02.02 20:39:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Freemake
[2009.07.08 17:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2009.09.22 20:00:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2010.10.13 19:53:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MemeoCommon
[2008.02.10 17:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2010.06.06 08:57:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Panasonic
[2008.01.22 16:09:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.07.08 17:03:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PCSettings
[2010.08.23 17:49:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2012.01.18 20:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2010.11.29 20:16:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.12.27 18:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\tmp
[2011.02.17 14:49:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\W3i
[2008.10.07 08:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2009.09.11 09:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{7B6BA59A-FB0E-4499-8536-A7420338BF3B}
[2012.01.28 21:31:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\AnvSoft
[2010.01.13 19:38:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\BitTorrent
[2010.10.28 18:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\calibre
[2012.02.24 08:57:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008.10.31 22:08:48 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Chromeflower
[2008.10.31 22:08:27 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\CrystalSpace
[2008.03.30 11:50:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DAEMON Tools
[2008.09.30 19:04:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DassaultSystemes
[2013.09.01 09:34:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\DraftSight
[2013.06.26 19:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\driveridentifier
[2008.09.30 19:05:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\EDrawings
[2009.11.18 20:20:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Facebook
[2012.01.28 20:42:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\FreeAudioPack
[2012.01.28 19:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\FreeVideoConverter
[2009.04.03 12:19:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\GARMIN
[2008.08.24 20:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\ICQ
[2008.05.20 18:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\LangSoft
[2008.02.18 11:38:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Leadertech
[2012.11.16 21:44:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Maxthon3
[2008.08.19 18:53:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Nokia
[2009.08.30 16:03:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\PC Suite
[2010.09.14 16:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Seagate
[2012.11.14 21:53:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\SoundSpectrum
[2010.08.24 17:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.01.28 23:06:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Uniblue
[2012.01.30 19:27:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\uTorrent
[2011.01.03 20:45:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Desktop Search
[2008.01.03 18:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Live Writer
[2011.01.05 22:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\Windows Search
[2009.02.05 22:10:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\WordToPDF
[2009.08.11 21:54:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jiří Tonner\Data aplikací\ZipGenius
[2010.09.14 16:02:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Seagate

========== Purity Check ==========

========== Custom Scans ==========

< :otl >
[2007.11.27 20:03:21 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2007.11.27 20:10:47 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) >

< DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisPT) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nlndis.sys -- (NLNdisMP) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus) >

< DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) >

< DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) >

< DRV - File not found [Kernel | System | Stopped] -- -- (Changer) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\ANDROIDUSB.sys -- (HTCAND32) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\JITONN~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btwusb.sys -- (BTWUSB) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver) >

< DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio) >

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie >
Invalid Switch: ie

< IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >

< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC >

< IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes,DefaultScope = >

< IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7 >

< IE - HKU\S-1-5-21-602162358-1390067357-725345543-1003\..\SearchScopes\B5C76F0178FF47C69E968A14A93E7DB5: "URL" = http://www.google.com/search?q={searchT ... 1I7GGLJ_cs >

< O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present >

< 3.09.30 20:47:05 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Local Settings\Data aplikací\MSGBOX.EXE >

< [2013.09.30 20:47:05 | 000,015,326 | ---- | M] () -- C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat >

< [2008.10.22 15:13:23 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\8B2B1CCDF4.sys >

< [2008.10.22 15:13:22 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys >

< [16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] >

< [10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ] >

< [1 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ] >

< CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} >

< CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter} >

< >

< :files >

< %windir%\system32\*.tmp.dll /s >

< %windir%\system32\SET*.tmp /s >

< %windir%\*.tmp >

< >

< :commands >

< [RESETHOSTS] >

< [EMPTYTEMP] >

< [EMPTYFLASH] >

< [EMPTYJAVA] >

< End of report >

J.Tonner · #21 Příspěvek od **J.Tonner** » 02 říj 2013 05:44

restart neproběhl...

#22 Příspěvek od **vyosek** » 02 říj 2013 06:55

Jelikoz jste kliknul na blbe tlacitko...Dal jste opte prohledat, ale mel jste dat Opravit

J.Tonner · #23 Příspěvek od **J.Tonner** » 02 říj 2013 08:33

ajejej, to je ale vůl

hned jak se k tomu dostanu, pošlu, po ránu bývám nepoužitelný k praktickému životu

J.Tonner · #24 Příspěvek od **J.Tonner** » 02 říj 2013 16:08

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service USBAAPL stopped successfully!
Service USBAAPL deleted successfully!
File System32\Drivers\usbaapl.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service NLNdisPT stopped successfully!
Service NLNdisPT deleted successfully!
File system32\DRIVERS\nlndis.sys not found.
Service NLNdisMP stopped successfully!
Service NLNdisMP deleted successfully!
File system32\DRIVERS\nlndis.sys not found.
Service mcdbus stopped successfully!
Service mcdbus deleted successfully!
File system32\DRIVERS\mcdbus.sys not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service HTCAND32 stopped successfully!
Service HTCAND32 deleted successfully!
File System32\Drivers\ANDROIDUSB.sys not found.
Service cpuz132 stopped successfully!
Service cpuz132 deleted successfully!
File C:\DOCUME~1\JITONN~1\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys not found.
Service BTWUSB stopped successfully!
Service BTWUSB deleted successfully!
File System32\Drivers\btwusb.sys not found.
Service BTWDNDIS stopped successfully!
Service BTWDNDIS deleted successfully!
File system32\DRIVERS\btwdndis.sys not found.
Service BTDriver stopped successfully!
Service BTDriver deleted successfully!
File system32\DRIVERS\btport.sys not found.
Service btaudio stopped successfully!
Service btaudio deleted successfully!
File system32\drivers\btaudio.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-602162358-1390067357-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
C:\Documents and Settings\Jiří Tonner\Plocha\LM.bat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\8B2B1CCDF4.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP259.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP28.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP397.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP47.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP476.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP538.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP556.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP59.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP66A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CF.tmp\PresentationFramework.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7E9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP90.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI21E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI394.tmp deleted successfully.
C:\WINDOWS\Installer\MSI46E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI630.tmp deleted successfully.
C:\WINDOWS\Installer\MSI67F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6A4.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6F8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9C.tmp deleted successfully.
C:\WINDOWS\Installer\MSIAF.tmp deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\CR_49388.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\CR_49388.tmp folder deleted successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: Administrator.JIRKA
->Temp folder emptied: 40621 bytes
->Temporary Internet Files folder emptied: 32768 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: Default User
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes

User: Jiří Tonner
->Temp folder emptied: 704 bytes
->Temporary Internet Files folder emptied: 770182 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 59521834 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 58008 bytes

User: Jiￅﾙￃﾭ Tonner

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1075904 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18074415 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 355663986 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 415,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.JIRKA
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Jiří Tonner
->Flash cache emptied: 0 bytes

User: Jiￅﾙￃﾭ Tonner

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Administrator

User: Administrator.JIRKA

User: All Users

User: Default User

User: Jiří Tonner
->Java cache emptied: 0 bytes

User: Jiￅﾙￃﾭ Tonner

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10022013_170309

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#25 Příspěvek od **vyosek** » 02 říj 2013 17:02

OTL nam udelalo co melo, jak se chova PC

J.Tonner · #26 Příspěvek od **J.Tonner** » 02 říj 2013 18:37

Zatím bez problémů

neměl jsem teď moc času se dopídit jak se posílají donace?

#27 Příspěvek od **vyosek** » 02 říj 2013 19:13

Donace?? Jestli myslite dotaze\podporu fora, tak moznosti jsou zde http://forum.viry.cz/viewtopic.php?f=7&t=78175

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

J.Tonner · #28 Příspěvek od **J.Tonner** » 04 říj 2013 18:45

uklizeno

rád bych podpořil i finančně, ale když kliknu na odkaz "podpořte fórum", vrátí mě to zpátky na topic a nikde nevidím možnost poslat nějakou odměnu. Jestli vám stačí poděkování, nejsem proti:-)
Pomoc je vítaná vždycky... Díky moc a jestli tu možnost jenom nevidím, tak mě někdo trkněte

#29 Příspěvek od **vyosek** » 05 říj 2013 22:27

Moznosti podpory

iwigirl píše:
SuperCash - - provedení platby prostřednitvím terminálů SAZKY

výhody: ať posíláte jakoukoliv platbu, poplatek za zaslání je pouze 10 Kč.
nevýhody: musíte ven
SMSden - podpora prostřednictvím SMSky

výhody: není třeba si nic instalovat a nikam chodit.
nevýhody: z vámi zaslané částky obdrží fórum zhruba třetinu, zbytek si rozdělí poskytovatel služby a operátor.
Bankovní účet - podpora prostřednictvím bankovního převodu (převodu peněz)

výhody: poměrně jednoduchý a od uživatelů žádaný způsob
nevýhody: poplatek Vaší bance za zpracování příkazu k úhradě
číslo účtu našeho fóra: 107-275600267/0100, do zprávy pro příjemce můžete napsat Váš nick, abychom věděli od koho platba je

PayPal - podpora prostřednictvím bezpečného platebního systému přímo z vašeho účtu

výhody:
bezpečná a okamžitá transakce během 2 minut

možno podpořit nás i ze Slovenské republiky

nevýhody:
je třeba se nejprve zaregistrovat - registrace je nicméně velice jednoduchá.

je třeba mít bankovní účet a platební kartu

nevyplatí se pro zasílání malých částek (ze zaslané částky bude stržen poplatek 3,4% + 10 CZK)
Ti z vás, kteří se rozhodnou podpořit team fóra viry.cz prostřednictvím PayPalu, tak mohou učinit 2 způsoby:

kliknutím na , volbou libovolné částky a zadáním svého nicku do zprávy pro příjemce

přihlášením na svůj paypal účet, zasláním libovolné částky na email podporte@forum.viry.cz a následným posláním potvrzujícího e-mailu (obsahujícího váš nick na fóru a zaslanou částku) na tentyz mail podporte@forum.viry.cz pripadne nick dejte do zpravy pri placeni pres PayPal

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat

VIRY.CZ

skáče mi do vyhledavače deltasearch a avast se může zbláznit

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá

Re: skáče mi do vyhledavače deltasearch a avast se může zblá