virus 3

#1 Post by Pavla V. »

... and one more, the last of our PCs (the two previous ones report a virus and I have already posted their logs). Unfortunately, here I can't even get through a scan with avast - it freezes on some file Volume.... something. RSIT won't even start - a message appears, I'll attach a screenshot. What should I do about it? Thanks in advance, Pája

Attachment: rsit.jpg (42.4 KiB)


#2 Post by Rudy »

Hello!
Try this procedure: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


#3 Post by Pavla V. »

Thank you, here are the logs.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Admin (administrator) on BOBIK3 on 05-11-2013 20:24:19
Running from C:\Users\Admin\Desktop
Windows 7 Home Premium (X64) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

Startup: C:\Users\Martin a Paja\ntuser.dat{805d1844-af3b-11df-9982-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{8c9c097d-d471-11e0-b0df-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{8c9c097d-d471-11e0-b0df-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{8c9c097d-d471-11e0-b0df-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{b923c0d2-adda-11e2-8f8e-c4461951af07}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{b923c0d2-adda-11e2-8f8e-c4461951af07}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{b923c0d2-adda-11e2-8f8e-c4461951af07}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{fadb3b32-c63b-11e0-850d-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{fadb3b32-c63b-11e0-850d-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{fadb3b32-c63b-11e0-850d-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.ini ()
Startup: C:\Users\Martin a Paja\Okolní síť ()
Startup: C:\Users\Martin a Paja\Okolní tiskárny ()
Startup: C:\Users\Martin a Paja\Paja ()
Startup: C:\Users\Martin a Paja\Pictures ()
Startup: C:\Users\Martin a Paja\Poslední ()
Startup: C:\Users\Martin a Paja\Pravidla Českého Pravopisu s kompletním zapracováním dodatku MŠMT ČR ()
Startup: C:\Users\Martin a Paja\Saved Games ()
Startup: C:\Users\Martin a Paja\Searches ()
Startup: C:\Users\Martin a Paja\SendTo ()
Startup: C:\Users\Martin a Paja\Soubory cookie ()
Startup: C:\Users\Martin a Paja\Thumbs.db ()
Startup: C:\Users\Martin a Paja\Videos ()
Startup: C:\Users\Martin a Paja\Šablony ()
Startup: C:\Users\Public\AppData ()
Startup: C:\Users\Public\BKr ()
Startup: C:\Users\Public\Desktop ()
Startup: C:\Users\Public\Documents ()
Startup: C:\Users\Public\Downloads ()
Startup: C:\Users\Public\Favorites ()
Startup: C:\Users\Public\Libraries ()
Startup: C:\Users\Public\Music ()
Startup: C:\Users\Public\NTUSER.DAT ()
Startup: C:\Users\Public\NTUSER.DAT.LOG1 ()
Startup: C:\Users\Public\NTUSER.DAT.LOG2 ()
Startup: C:\Users\Public\NTUSER.DAT{3291dce1-9fc2-11df-81a5-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{3291dce1-9fc2-11df-81a5-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{3291dce1-9fc2-11df-81a5-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{6c17ac1e-958a-11df-ab04-c4461951af07}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{6c17ac1e-958a-11df-ab04-c4461951af07}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{6c17ac1e-958a-11df-ab04-c4461951af07}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\OEM ()
Startup: C:\Users\Public\Pictures ()
Startup: C:\Users\Public\Recorded TV ()
Startup: C:\Users\Public\Thumbs.db ()
Startup: C:\Users\Public\Veřejné CD ROM ()
Startup: C:\Users\Public\Videos ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t46m1k07o
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t46m1k07o
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {9A75B447-FE61-4422-872C-38444C71F12F} URL = http://search.freecause.com/search?ourm ... earchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: GretechBHO Class - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll (Gretech Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 81.90.240.1 81.90.240.2

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zkke1wmf.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Centrum doménový pomocník - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zkke1wmf.default\Extensions\centrumpomocnik@centrum.cz
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-11-05] (AVAST Software)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-04] ()
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-05] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-10-21] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-21] ()
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [23552 2008-05-02] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18432 2008-05-02] (Nokia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-05-20] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 20:23 - 2013-11-05 20:23 - 00000000 ____D C:\FRST
2013-11-05 20:20 - 2013-11-05 20:20 - 00112128 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2013-11-05 20:19 - 2013-11-05 20:19 - 01957098 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2013-11-05 19:20 - 2013-11-05 19:21 - 00832273 _____ C:\Users\Admin\Desktop\RSITx64(1).exe
2013-11-05 19:20 - 2013-11-05 19:20 - 00000000 ____D C:\ProgramData\Oracle
2013-11-05 19:19 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-05 19:19 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-05 19:19 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-05 19:19 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-05 19:18 - 2013-11-05 19:19 - 00004674 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-05 19:14 - 2013-11-05 19:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVAST Software
2013-11-05 19:10 - 2013-11-05 19:10 - 00000000 ____D C:\rsit
2013-11-05 11:52 - 2013-11-05 18:44 - 00000168 _____ C:\Windows\setupact.log
2013-11-05 11:52 - 2013-11-05 11:52 - 00000000 _____ C:\Windows\setuperr.log
2013-11-03 19:37 - 2013-11-03 22:01 - 00000000 ____D C:\Users\Martin a Paja\Desktop\DIPLOMKA
2013-10-23 11:41 - 2013-10-23 11:41 - 00000363 _____ C:\Users\Martin a Paja\Downloads\CSOB_980269027_23.10.2013.txt
2013-10-21 17:38 - 2013-10-21 17:38 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\AVAST Software
2013-10-21 14:41 - 2013-10-21 14:41 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-14 16:40 - 2013-10-14 16:40 - 00004241 _____ C:\Users\Martin a Paja\Downloads\201337554.htm
2013-10-07 17:49 - 2013-10-07 17:49 - 06635520 _____ C:\Users\Martin a Paja\Downloads\inSSIDer-installer.msi

==================== One Month Modified Files and Folders =======

2013-11-05 20:23 - 2013-11-05 20:23 - 00000000 ____D C:\FRST
2013-11-05 20:20 - 2013-11-05 20:20 - 00112128 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2013-11-05 20:19 - 2013-11-05 20:19 - 01957098 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2013-11-05 20:12 - 2013-05-12 18:19 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job
2013-11-05 20:08 - 2013-05-11 06:13 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-05 19:35 - 2011-12-30 11:06 - 01562650 _____ C:\Windows\WindowsUpdate.log
2013-11-05 19:26 - 2013-05-15 13:27 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-05 19:22 - 2013-04-30 14:01 - 00000000 ____D C:\Program Files\trend micro
2013-11-05 19:21 - 2013-11-05 19:20 - 00832273 _____ C:\Users\Admin\Desktop\RSITx64(1).exe
2013-11-05 19:20 - 2013-11-05 19:20 - 00000000 ____D C:\ProgramData\Oracle
2013-11-05 19:19 - 2013-11-05 19:18 - 00004674 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-05 19:19 - 2010-07-22 11:25 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-05 19:14 - 2013-11-05 19:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVAST Software
2013-11-05 19:14 - 2013-08-07 22:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2013-11-05 19:14 - 2013-05-11 06:13 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-05 19:14 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-05 19:14 - 2009-07-14 05:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-05 19:10 - 2013-11-05 19:10 - 00000000 ____D C:\rsit
2013-11-05 19:10 - 2010-08-06 15:37 - 00000000 ____D C:\Users\Admin
2013-11-05 18:44 - 2013-11-05 11:52 - 00000168 _____ C:\Windows\setupact.log
2013-11-05 18:44 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-05 16:35 - 2010-07-21 17:43 - 00000000 ____D C:\Users\Martin a Paja
2013-11-05 15:00 - 2013-03-24 06:34 - 00001981 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-05 15:00 - 2012-07-04 12:04 - 00003926 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-05 14:59 - 2011-02-28 20:47 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-05 14:59 - 2011-01-15 12:51 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-05 14:59 - 2010-07-22 13:32 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-05 14:59 - 2010-07-22 13:32 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-05 14:59 - 2010-07-22 13:32 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-05 14:59 - 2010-07-22 13:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-05 14:56 - 2010-07-28 08:50 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\Skype
2013-11-05 13:17 - 2013-08-14 07:15 - 00000000 ____D C:\Users\Public\BKr
2013-11-05 11:52 - 2013-11-05 11:52 - 00000000 _____ C:\Windows\setuperr.log
2013-11-05 11:52 - 2010-08-01 23:24 - 00000000 ____D C:\Users\Martin a Paja\Paja
2013-11-05 11:25 - 2013-08-15 13:23 - 00183296 ___SH C:\Users\Public\Thumbs.db
2013-11-04 21:33 - 2013-01-10 22:28 - 00000000 ____D C:\Users\Martin a Paja\AppData\Local\Paratext73
2013-11-04 21:12 - 2013-05-12 18:19 - 00000942 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job
2013-11-03 22:05 - 2010-06-27 02:28 - 00665944 _____ C:\Windows\system32\perfh005.dat
2013-11-03 22:05 - 2010-06-27 02:28 - 00139608 _____ C:\Windows\system32\perfc005.dat
2013-11-03 22:05 - 2009-07-14 06:13 - 01575230 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-03 22:01 - 2013-11-03 19:37 - 00000000 ____D C:\Users\Martin a Paja\Desktop\DIPLOMKA
2013-11-01 21:14 - 2010-08-05 13:29 - 00000000 ____D C:\Users\Martin a Paja\Fotky
2013-10-29 10:06 - 2010-08-19 21:53 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\ZoomBrowser EX
2013-10-29 10:06 - 2010-08-19 21:50 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\CameraWindowDC
2013-10-23 11:41 - 2013-10-23 11:41 - 00000363 _____ C:\Users\Martin a Paja\Downloads\CSOB_980269027_23.10.2013.txt
2013-10-21 17:38 - 2013-10-21 17:38 - 00000000 ____D C:\Users\Martin a Paja\AppData\Roaming\AVAST Software
2013-10-21 15:03 - 2013-03-03 22:03 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-10-21 15:03 - 2013-03-03 22:03 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-10-21 15:03 - 2012-03-09 16:40 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-10-21 15:03 - 2010-07-22 13:32 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-10-21 14:41 - 2013-10-21 14:41 - 00000000 ____D C:\ProgramData\AVAST Software
2013-10-21 14:40 - 2010-07-22 13:32 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-10-17 07:25 - 2010-07-22 07:37 - 00002410 _____ C:\Users\Martin a Paja\Desktop\Google Chrome.lnk
2013-10-16 07:08 - 2010-07-22 08:30 - 00000000 ____D C:\Users\Martin a Paja\Martin
2013-10-14 19:24 - 2010-07-28 08:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 19:24 - 2010-07-28 08:49 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 16:40 - 2013-10-14 16:40 - 00004241 _____ C:\Users\Martin a Paja\Downloads\201337554.htm
2013-10-12 18:03 - 2010-07-21 18:34 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-12 18:03 - 2010-07-21 18:34 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-09 19:26 - 2013-04-01 09:06 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-09 19:26 - 2012-10-19 07:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 19:26 - 2011-05-21 09:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-08 07:50 - 2013-11-05 19:19 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-08 07:46 - 2013-11-05 19:19 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-08 07:46 - 2013-11-05 19:19 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-08 07:46 - 2013-11-05 19:19 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-07 20:07 - 2010-07-22 07:36 - 00003980 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA
2013-10-07 20:07 - 2010-07-22 07:36 - 00003584 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core
2013-10-07 17:49 - 2013-10-07 17:49 - 06635520 _____ C:\Users\Martin a Paja\Downloads\inSSIDer-installer.msi
2013-10-07 17:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\ShadowStartbsjv3ju0.uod.exe
C:\Users\Admin\AppData\Local\temp\ShadowStartuy02k4yj.orf.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-03 11:52

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Admin at 2013-11-05 20:24:58
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (x32)
7-Zip 4.65 (x32)
AC3Filter 1.63b (x32 Version: 1.63b)
Acer Arcade Deluxe (x32 Version: 4.0.7615)
Acer Arcade Movie (x32 Version: 9.0.6423)
Acer Backup Manager (x32 Version: 2.0.0.60)
Acer Crystal Eye webcam Ver:1.1.178.503 (x32 Version: 1.1.178.503)
Acer ePower Management (x32 Version: 5.00.3002)
Acer eRecovery Management (x32 Version: 4.05.3007)
Acer GameZone Console (x32 Version: 6.1.0.2)
Acer Registration (x32 Version: 1.02.3006)
Acer ScreenSaver (x32 Version: 1.1.0222.2010)
Acer Updater (x32 Version: 1.02.3001)
Acer VCM (x32 Version: 4.05.3002)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.02) - Czech (x32 Version: 11.0.02)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (x32)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (x32)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094)
Amazonia (x32)
Asistent pro přihlášení ke službě Windows Live (x32 Version: 5.000.818.5)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.20)
avast! Free Antivirus (x32 Version: 9.0.2007)
Backup Manager Basic (x32 Version: 2.0.0.60)
BlackBerry Device Software v5.0.0 pro BlackBerry 8520 Smartphone (x32 Version: 5.0.0.1036 (Platforma 5.2.0.104))
Cake Mania (x32)
Canon G.726 WMP-Decoder (x32 Version: 1.1.0.4)
Canon Inkjet Printer Driver Add-On Module
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (x32 Version: 0.9.3.9)
Canon Utilities CameraWindow (x32 Version: 7.1.0.2)
Canon Utilities CameraWindow DC (x32 Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.4.2.16)
Canon Utilities MyCamera (x32 Version: 6.4.0.5)
Canon Utilities MyCamera DC (x32 Version: 7.0.1.8)
Canon Utilities PhotoStitch (x32 Version: 3.1.21.45)
Canon Utilities RemoteCapture DC (x32 Version: 3.0.1.8)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (x32 Version: 6.1.1.21)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.1.0.8)
CCleaner (x32 Version: 2.33)
Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000)
CoreAAC (x32)
Dairy Dash (x32)
dm paradies foto 3 (x32)
Dream Day First Home (x32)
eSobi v2 (x32 Version: 2.0.4.000274)
ExtractNow (x32)
Farm Frenzy 2 (x32)
Galapago (x32)
GOM Encoder (x32 Version: 1.1.0.47)
GOM PICKER (x32 Version: 0.7.0.0)
GOM Player (x32 Version: 2.1.28.5039)
Google Earth (x32 Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
Grand Master Chess 3 (x32 Version: 1.0)
Granny In Paradise (x32)
Helios Red 2011 (x32 Version: verze 9.05)
Helios Red Fakturace zdarma verze 9.05 (x32 Version: verze 9.05)
Heroes of Hellas (x32)
Chicken Invaders 2 (x32)
Identity Card (x32 Version: 1.00.3003)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Graphics Media Accelerator Driver (x32 Version: 8.15.10.2104)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
IrfanView (remove only) (x32 Version: 4.28)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 26 (x32 Version: 6.0.260)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Junk Mail filter update (x32 Version: 14.0.8089.726)
Launch Manager (x32 Version: 4.0.8)
Lingea Lexicon 5 (x32)
Lizard Safeguard - PDF Viewer 2.5.152 (x32)
MediaShow Espresso (x32 Version: 5.5.1403_23691)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended CSY Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - Czech/čeština (x32 Version: 12.0.6612.1000)
Microsoft Office O MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (Czech) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Slovak) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (Czech) 2007 (x32 Version: 12.0.4518.1025)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office X MUI (Czech) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft Works (x32 Version: 9.7.0621)
Mozilla Firefox 12.0 (x86 cs) (x32 Version: 12.0)
Mozilla Maintenance Service (x32 Version: 12.0)
MPEG2 Codec(libmpeg2/mad) (x32)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyTomTom 3.2.0.906 (x32 Version: 3.2.0.906)
MyWinLocker (x32 Version: 3.1.206.0)
MyWinLocker Suite (x32 Version: 3.1.206.0)
Nástroj pro odesílání služby Windows Live (x32 Version: 14.0.8014.1029)
Nokia Connectivity Cable Driver (Version: 6.80.5.1)
Norton Online Backup (x32 Version: 1.2.0.36)
Patria Forex (x32 Version: 101210)
PC Suite For Android Handset (x32 Version: 12.09.109.U8120D02SP05)
PDF To Word Converter V3.0.3 (x32)
PoivY (x32 Version: 4.05 build 579)
Ptw7 Framework (x32 Version: 7.1.100)
rajče verze 58 sestavení 212 (x32)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6029)
Runtime pro Helios Red (x32)
Shredder (Version: 2.0.5.0)
Shredder (x32 Version: 2.0.5.0)
Skype Click to Call (x32 Version: 6.9.12585)
Skype™ 6.9 (x32 Version: 6.9.106)
Spin & Win (x32)
STORMWARE POHODA CZ Start (x32 Version: 2010)
Super Internet TV v7.4 (x32)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
TightVNC (x32 Version: 2.5.1.0)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Total Commander (Remove or Repair) (x32 Version: 7.55a)
TV Player Classic 6.7 (x32)
Ultimate Reference Suite (x32 Version: 2012.0.0.0)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0)
Welcome Center (x32 Version: 1.00.3013)
WIDCOMM Bluetooth Software (Version: 6.3.0.4300)
Windows Live Communications Platform (x32 Version: 14.0.8064.206)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Messenger (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)

==================== Restore Points =========================

05-10-2013 14:38:44 Naplánovaný kontrolní bod
12-10-2013 17:54:13 Naplánovaný kontrolní bod
19-10-2013 19:40:56 Naplánovaný kontrolní bod
21-10-2013 13:41:18 avast! antivirus system restore point
29-10-2013 11:47:10 Naplánovaný kontrolní bod
05-11-2013 13:58:40 avast! antivirus system restore point
05-11-2013 18:17:52 Installed Java 7 Update 45

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-05-03 08:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {31956DCE-AB6D-4CED-802D-6C1E42E43510} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-11-05] (AVAST Software)
Task: {5F8A83AA-0016-429E-B6CC-042A8F6F123D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {6441296C-C861-471A-B18F-394603900F8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {6D51C0A3-E0ED-4E3E-8488-3679825D23F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {7BDD1DF1-3D35-451C-B090-E51EF75AD4AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {86462673-1059-4903-886D-125E11A72F35} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\Lpksetup.exe [2009-07-14] (Microsoft Corporation)
Task: {8D3FF6EB-5068-463A-B861-C19220B1A541} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {BB13650E-60AE-485C-A10A-5C6A0666B83B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {D7ACB904-A9F4-49A1-AC5B-781EF99BFDC4} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-05 13:24 - 2013-11-05 09:55 - 02138112 _____ () C:\Program Files\Alwil Software\Avast5\defs\13110500\algo.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-03-24 21:15 - 2010-03-24 21:15 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a52290f344ad5c5e513d71251549f5c2\IsdiInterop.ni.dll
2010-03-24 21:14 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2010-06-27 02:17 - 2009-05-20 23:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-10-21 15:03 - 2013-10-21 15:03 - 19336120 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2013 06:55:26 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011004} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/05/2013 06:55:26 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011005} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/05/2013 04:37:58 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011004} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/05/2013 04:37:58 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011005} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/05/2013 03:03:37 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011004} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/05/2013 03:03:37 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011005} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/05/2013 00:33:56 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1 se nezdařilo. Chyba v souboru manifestu nebo zásady WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2 na řádku WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definice je WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/05/2013 00:33:04 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (11/02/2013 09:23:33 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011004} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/02/2013 09:23:33 PM) (Source: MsiInstaller) (User: Bobik3)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011005} produktu Adobe Reader XI - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127


System errors:
=============
Error: (11/05/2013 06:47:49 PM) (Source: Service Control Manager) (User: )
Description: Služba TrustedInstaller neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (11/05/2013 06:44:32 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: Nepodařilo se spustit průvodce instalací jazykové sady. Restartujte systém a zkuste znovu spustit průvodce.

Error: (11/05/2013 06:44:32 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: Nepodařilo se inicializovat klienta CBS. Poslední chyba: 0x80070002

Error: (11/05/2013 06:44:32 PM) (Source: Service Control Manager) (User: )
Description: Služba TrustedInstaller neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (11/05/2013 06:44:32 PM) (Source: DCOM) (User: )
Description: 2TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (11/05/2013 06:44:31 PM) (Source: Service Control Manager) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (11/05/2013 06:44:26 PM) (Source: Service Control Manager) (User: )
Description: Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (11/05/2013 06:44:14 PM) (Source: EventLog) (User: )
Description: Předchozí vypnutí systému (18:37:29, ‎5.‎11.‎2013) bylo neočekávané.

Error: (11/05/2013 06:33:23 PM) (Source: iaStor) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (11/05/2013 06:26:20 PM) (Source: iaStor) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.


Microsoft Office Sessions:
=========================
Error: (04/16/2013 11:42:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 74 seconds with 60 seconds of active time. This session ended with a crash.

Error: (04/16/2013 11:40:52 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 549 seconds with 480 seconds of active time. This session ended with a crash.

Error: (04/16/2013 11:31:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 690 seconds with 540 seconds of active time. This session ended with a crash.

Error: (11/23/2010 10:54:10 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 388 seconds with 300 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2013-11-04 20:30:58.844
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-04 20:30:43.548
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 12:25:10.468
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-11-01 09:09:51.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-31 15:08:36.563
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-30 20:31:05.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-28 20:31:29.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-28 20:31:21.341
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-23 20:33:06.500
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-10-23 20:32:48.028
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 3764.5 MB
Available physical RAM: 2306.63 MB
Total Pagefile: 7527.15 MB
Available Pagefile: 5785.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:150.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: E361E361)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Rudy
Site Admin
Posts: 119531
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus 3

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Guest\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-24] (Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier
Startup: C:\Users\Admin\AppData ()
Startup: C:\Users\Admin\Contacts ()
Startup: C:\Users\Admin\Data aplikací ()
Startup: C:\Users\Admin\Desktop ()
Startup: C:\Users\Admin\Documents ()
Startup: C:\Users\Admin\Dokumenty ()
Startup: C:\Users\Admin\Downloads ()
Startup: C:\Users\Admin\Favorites ()
Startup: C:\Users\Admin\InstallAnywhere ()
Startup: C:\Users\Admin\Links ()
Startup: C:\Users\Admin\Local Settings ()
Startup: C:\Users\Admin\Music ()
Startup: C:\Users\Admin\Nabídka Start ()
Startup: C:\Users\Admin\ntuser.dat ()
Startup: C:\Users\Admin\ntuser.dat.LOG1 ()
Startup: C:\Users\Admin\ntuser.dat.LOG2 ()
Startup: C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf ()
Startup: C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{0df21f0f-e167-11e2-bfcb-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{0df21f0f-e167-11e2-bfcb-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{0df21f0f-e167-11e2-bfcb-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{0f792124-c268-11df-89e3-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{0f792124-c268-11df-89e3-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{0f792124-c268-11df-89e3-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{14393129-4448-11e1-857e-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{14393129-4448-11e1-857e-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{14393129-4448-11e1-857e-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{1fa62bb9-abe0-11e2-a3f3-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{1fa62bb9-abe0-11e2-a3f3-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{1fa62bb9-abe0-11e2-a3f3-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{200c37cb-9422-11e1-92cd-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{200c37cb-9422-11e1-92cd-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{200c37cb-9422-11e1-92cd-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2428e03b-b176-11e2-a032-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{2428e03b-b176-11e2-a032-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2428e03b-b176-11e2-a032-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{24d8945c-c856-11e2-88ac-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{24d8945c-c856-11e2-88ac-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{24d8945c-c856-11e2-88ac-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2559d9ce-d8a7-11e1-bb04-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{2559d9ce-d8a7-11e1-bb04-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2559d9ce-d8a7-11e1-bb04-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2cde9c9b-4c0d-11e2-a70b-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{2cde9c9b-4c0d-11e2-a70b-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2cde9c9b-4c0d-11e2-a70b-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2f7da29e-ac79-11e1-a10a-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{2f7da29e-ac79-11e1-a10a-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{2f7da29e-ac79-11e1-a10a-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3221ee08-ab84-11e0-976f-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{3221ee08-ab84-11e0-976f-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3221ee08-ab84-11e0-976f-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3b63f2de-0977-11e2-94ad-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{3b63f2de-0977-11e2-94ad-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3b63f2de-0977-11e2-94ad-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3c9dba17-b125-11e1-8b17-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{3c9dba17-b125-11e1-8b17-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3c9dba17-b125-11e1-8b17-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3d5a4b3c-1fdb-11e1-abc6-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{3d5a4b3c-1fdb-11e1-abc6-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{3d5a4b3c-1fdb-11e1-abc6-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{40559c41-0dcb-11e1-a64d-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{40559c41-0dcb-11e1-a64d-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{40559c41-0dcb-11e1-a64d-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4532a02b-9995-11e1-8373-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{4532a02b-9995-11e1-8373-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4532a02b-9995-11e1-8373-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{49f9aca6-3b5f-11e1-a76c-c4461951af07}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{49f9aca6-3b5f-11e1-a76c-c4461951af07}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{49f9aca6-3b5f-11e1-a76c-c4461951af07}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4ab09c9a-3a95-11e1-8096-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{4ab09c9a-3a95-11e1-8096-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4ab09c9a-3a95-11e1-8096-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4b4fc076-051b-11e3-b733-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{4b4fc076-051b-11e3-b733-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4b4fc076-051b-11e3-b733-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4e1a082d-2237-11e1-8d83-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{4e1a082d-2237-11e1-8d83-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{4e1a082d-2237-11e1-8d83-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{512dbb06-3970-11e2-a465-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{512dbb06-3970-11e2-a465-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{512dbb06-3970-11e2-a465-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{51e35ab0-43fc-11e3-a157-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{51e35ab0-43fc-11e3-a157-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{51e35ab0-43fc-11e3-a157-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{5b675151-73b4-11e0-b878-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{5b675151-73b4-11e0-b878-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{5b675151-73b4-11e0-b878-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{604948af-5b04-11e2-aed2-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{604948af-5b04-11e2-aed2-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{604948af-5b04-11e2-aed2-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{604cd058-4d9b-11e2-9a31-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{604cd058-4d9b-11e2-9a31-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{604cd058-4d9b-11e2-9a31-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{61650cdd-3064-11e1-a13a-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{61650cdd-3064-11e1-a13a-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{61650cdd-3064-11e1-a13a-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{65c807c6-41ba-11e1-aafa-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{65c807c6-41ba-11e1-aafa-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{65c807c6-41ba-11e1-aafa-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{7842849a-199b-11e1-8c25-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{7842849a-199b-11e1-8c25-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{7842849a-199b-11e1-8c25-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{7ad9c32b-a175-11e0-b8e6-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{7ad9c32b-a175-11e0-b8e6-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{7ad9c32b-a175-11e0-b8e6-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{805d1848-af3b-11df-9982-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{805d1848-af3b-11df-9982-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{805d1848-af3b-11df-9982-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{80c59c7b-2499-11e1-9caa-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{80c59c7b-2499-11e1-9caa-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{80c59c7b-2499-11e1-9caa-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{833d9282-a6fa-11e0-a17f-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{833d9282-a6fa-11e0-a17f-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{833d9282-a6fa-11e0-a17f-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{85d0caac-8632-11e2-959c-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{85d0caac-8632-11e2-959c-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{85d0caac-8632-11e2-959c-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{870b57a8-11e3-11e2-ac06-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{870b57a8-11e3-11e2-ac06-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{870b57a8-11e3-11e2-ac06-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{87dffc32-0474-11e2-9ca9-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{87dffc32-0474-11e2-9ca9-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{87dffc32-0474-11e2-9ca9-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{92c4b42e-878e-11e1-bbc9-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{92c4b42e-878e-11e1-bbc9-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{92c4b42e-878e-11e1-bbc9-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{9649eef6-19b9-11e2-8ae4-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{9649eef6-19b9-11e2-8ae4-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{9649eef6-19b9-11e2-8ae4-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{ab30d057-0ab9-11e1-815d-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{ab30d057-0ab9-11e1-815d-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{ab30d057-0ab9-11e1-815d-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b044d35d-101f-11e1-86c8-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{b044d35d-101f-11e1-86c8-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b044d35d-101f-11e1-86c8-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b05b55a0-2797-11e2-ab9c-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{b05b55a0-2797-11e2-ab9c-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b05b55a0-2797-11e2-ab9c-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b1891d7c-99d6-11e2-bf15-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{b1891d7c-99d6-11e2-bf15-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b1891d7c-99d6-11e2-bf15-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b924d65d-1325-11e2-9fc7-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{b924d65d-1325-11e2-9fc7-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b924d65d-1325-11e2-9fc7-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b9f5c5be-50e0-11e2-841a-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{b9f5c5be-50e0-11e2-841a-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{b9f5c5be-50e0-11e2-841a-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{d80b67aa-10ff-11e1-a972-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{d80b67aa-10ff-11e1-a972-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{d80b67aa-10ff-11e1-a972-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{d966b437-4641-11e3-82f3-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{d966b437-4641-11e3-82f3-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{d966b437-4641-11e3-82f3-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{d970348d-61ea-11e1-9060-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{d970348d-61ea-11e1-9060-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{d970348d-61ea-11e1-9060-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{e7a63493-a92b-11e0-af5f-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{e7a63493-a92b-11e0-af5f-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{e7a63493-a92b-11e0-af5f-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{ec668c74-a265-11e2-a7dd-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{ec668c74-a265-11e2-a7dd-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{ec668c74-a265-11e2-a7dd-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{efa836bd-ad37-11e0-8f67-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{efa836bd-ad37-11e0-8f67-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{efa836bd-ad37-11e0-8f67-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{f2e2a93b-83a5-11e1-86cf-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{f2e2a93b-83a5-11e1-86cf-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{f2e2a93b-83a5-11e1-86cf-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{fca42236-3ec5-11e1-af05-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Admin\ntuser.dat{fca42236-3ec5-11e1-af05-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.dat{fca42236-3ec5-11e1-af05-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Admin\ntuser.ini ()
Startup: C:\Users\Admin\Okolní síť ()
Startup: C:\Users\Admin\Okolní tiskárny ()
Startup: C:\Users\Admin\Pictures ()
Startup: C:\Users\Admin\Poslední ()
Startup: C:\Users\Admin\Saved Games ()
Startup: C:\Users\Admin\Searches ()
Startup: C:\Users\Admin\SendTo ()
Startup: C:\Users\Admin\Soubory cookie ()
Startup: C:\Users\Admin\Tracing ()
Startup: C:\Users\Admin\Videos ()
Startup: C:\Users\Admin\Šablony ()
Startup: C:\ProgramData\Acer ()
Startup: C:\ProgramData\Adobe ()
Startup: C:\ProgramData\Alwil Software ()
Startup: C:\ProgramData\AmUStor ()
Startup: C:\ProgramData\Application Data ()
Startup: C:\ProgramData\ArcadeDeluxe4.log ()
Startup: C:\ProgramData\AVAST Software ()
Startup: C:\ProgramData\BackupManager ()
Startup: C:\ProgramData\boost_interprocess ()
Startup: C:\ProgramData\CanonBJ ()
Startup: C:\ProgramData\CyberLink ()
Startup: C:\ProgramData\Desktop ()
Startup: C:\ProgramData\Documents ()
Startup: C:\ProgramData\EgisTec IPS ()
Startup: C:\ProgramData\eSobi ()
Startup: C:\ProgramData\Favorites ()
Startup: C:\ProgramData\Friends Games ()
Startup: C:\ProgramData\Google ()
Startup: C:\ProgramData\GRETECH ()
Startup: C:\ProgramData\hps ()
Startup: C:\ProgramData\LockLizard ()
Startup: C:\ProgramData\Malwarebytes ()
Startup: C:\ProgramData\McAfee ()
Startup: C:\ProgramData\Microsoft ()
Startup: C:\ProgramData\Microsoft Help ()
Startup: C:\ProgramData\Mozilla ()
Startup: C:\ProgramData\OberonGameConsole ()
Startup: C:\ProgramData\OEM ()
Startup: C:\ProgramData\Oracle ()
Startup: C:\ProgramData\Partner ()
Startup: C:\ProgramData\Skype ()
Startup: C:\ProgramData\Spybot - Search & Destroy ()
Startup: C:\ProgramData\Start Menu ()
Startup: C:\ProgramData\Sun ()
Startup: C:\ProgramData\Symantec ()
Startup: C:\ProgramData\Temp ()
Startup: C:\ProgramData\Templates ()
Startup: C:\ProgramData\TightVNC ()
Startup: C:\ProgramData\tmp ()
Startup: C:\ProgramData\TomTom ()
Startup: C:\ProgramData\ZoomBrowser ()
Startup: C:\ProgramData\{9490D983-81BD-48D9-BC94-D4CAF0FA9EC5} ()
Startup: C:\Users\Default\AppData ()
Startup: C:\Users\Default\Application Data ()
Startup: C:\Users\Default\Desktop ()
Startup: C:\Users\Default\Documents ()
Startup: C:\Users\Default\Downloads ()
Startup: C:\Users\Default\Favorites ()
Startup: C:\Users\Default\Links ()
Startup: C:\Users\Default\Local Settings ()
Startup: C:\Users\Default\Music ()
Startup: C:\Users\Default\My Documents ()
Startup: C:\Users\Default\NetHood ()
Startup: C:\Users\Default\NTUSER.DAT ()
Startup: C:\Users\Default\NTUSER.DAT.LOG ()
Startup: C:\Users\Default\NTUSER.DAT.LOG1 ()
Startup: C:\Users\Default\NTUSER.DAT.LOG2 ()
Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf ()
Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Default\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Default\Pictures ()
Startup: C:\Users\Default\PrintHood ()
Startup: C:\Users\Default\Recent ()
Startup: C:\Users\Default\Saved Games ()
Startup: C:\Users\Default\SendTo ()
Startup: C:\Users\Default\Start Menu ()
Startup: C:\Users\Default\Templates ()
Startup: C:\Users\Default\Videos ()
Startup: C:\Users\Guest\AppData ()
Startup: C:\Users\Guest\Contacts ()
Startup: C:\Users\Guest\Data aplikací ()
Startup: C:\Users\Guest\Desktop ()
Startup: C:\Users\Guest\Documents ()
Startup: C:\Users\Guest\Dokumenty ()
Startup: C:\Users\Guest\Downloads ()
Startup: C:\Users\Guest\Favorites ()
Startup: C:\Users\Guest\Links ()
Startup: C:\Users\Guest\Local Settings ()
Startup: C:\Users\Guest\Music ()
Startup: C:\Users\Guest\Nabídka Start ()
Startup: C:\Users\Guest\ntuser.dat ()
Startup: C:\Users\Guest\ntuser.dat.LOG1 ()
Startup: C:\Users\Guest\ntuser.dat.LOG2 ()
Startup: C:\Users\Guest\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf ()
Startup: C:\Users\Guest\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Guest\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Guest\ntuser.ini ()
Startup: C:\Users\Guest\Okolní síť ()
Startup: C:\Users\Guest\Okolní tiskárny ()
Startup: C:\Users\Guest\Pictures ()
Startup: C:\Users\Guest\Poslední ()
Startup: C:\Users\Guest\Saved Games ()
Startup: C:\Users\Guest\Searches ()
Startup: C:\Users\Guest\SendTo ()
Startup: C:\Users\Guest\Soubory cookie ()
Startup: C:\Users\Guest\Videos ()
Startup: C:\Users\Guest\Šablony ()
Startup: C:\Users\Martin a Paja\AppData ()
Startup: C:\Users\Martin a Paja\Application Data ()
Startup: C:\Users\Martin a Paja\Contacts ()
Startup: C:\Users\Martin a Paja\Data aplikací ()
Startup: C:\Users\Martin a Paja\Desktop ()
Startup: C:\Users\Martin a Paja\Documents ()
Startup: C:\Users\Martin a Paja\Dokumenty ()
Startup: C:\Users\Martin a Paja\Downloads ()
Startup: C:\Users\Martin a Paja\Favorites ()
Startup: C:\Users\Martin a Paja\Fotky ()
Startup: C:\Users\Martin a Paja\kbpki ()
Startup: C:\Users\Martin a Paja\Links ()
Startup: C:\Users\Martin a Paja\Local Settings ()
Startup: C:\Users\Martin a Paja\Martin ()
Startup: C:\Users\Martin a Paja\Music ()
Startup: C:\Users\Martin a Paja\Nabídka Start ()
Startup: C:\Users\Martin a Paja\ntuser.dat ()
Startup: C:\Users\Martin a Paja\ntuser.dat.LOG1 ()
Startup: C:\Users\Martin a Paja\ntuser.dat.LOG2 ()
Startup: C:\Users\Martin a Paja\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf ()
Startup: C:\Users\Martin a Paja\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{34732449-d2e4-11e0-a305-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{34732449-d2e4-11e0-a305-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{34732449-d2e4-11e0-a305-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f4f-051b-11e3-b733-206a8a02d1fc}.TxR.0.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f4f-051b-11e3-b733-206a8a02d1fc}.TxR.1.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f4f-051b-11e3-b733-206a8a02d1fc}.TxR.2.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f4f-051b-11e3-b733-206a8a02d1fc}.TxR.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f50-051b-11e3-b733-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f50-051b-11e3-b733-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4b4f9f50-051b-11e3-b733-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4c7f28ef-d13b-11e0-9946-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4c7f28ef-d13b-11e0-9946-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{4c7f28ef-d13b-11e0-9946-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{737784ed-c7d0-11e0-9506-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{737784ed-c7d0-11e0-9506-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{737784ed-c7d0-11e0-9506-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{805d1844-af3b-11df-9982-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{805d1844-af3b-11df-9982-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{805d1844-af3b-11df-9982-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{8c9c097d-d471-11e0-b0df-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{8c9c097d-d471-11e0-b0df-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{8c9c097d-d471-11e0-b0df-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{b923c0d2-adda-11e2-8f8e-c4461951af07}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{b923c0d2-adda-11e2-8f8e-c4461951af07}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{b923c0d2-adda-11e2-8f8e-c4461951af07}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{fadb3b32-c63b-11e0-850d-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Martin a Paja\ntuser.dat{fadb3b32-c63b-11e0-850d-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.dat{fadb3b32-c63b-11e0-850d-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Martin a Paja\ntuser.ini ()
Startup: C:\Users\Martin a Paja\Okolní síť ()
Startup: C:\Users\Martin a Paja\Okolní tiskárny ()
Startup: C:\Users\Martin a Paja\Paja ()
Startup: C:\Users\Martin a Paja\Pictures ()
Startup: C:\Users\Martin a Paja\Poslední ()
Startup: C:\Users\Martin a Paja\Pravidla Českého Pravopisu s kompletním zapracováním dodatku MŠMT ČR ()
Startup: C:\Users\Martin a Paja\Saved Games ()
Startup: C:\Users\Martin a Paja\Searches ()
Startup: C:\Users\Martin a Paja\SendTo ()
Startup: C:\Users\Martin a Paja\Soubory cookie ()
Startup: C:\Users\Martin a Paja\Thumbs.db ()
Startup: C:\Users\Martin a Paja\Videos ()
Startup: C:\Users\Martin a Paja\Šablony ()
Startup: C:\Users\Public\AppData ()
Startup: C:\Users\Public\BKr ()
Startup: C:\Users\Public\Desktop ()
Startup: C:\Users\Public\Documents ()
Startup: C:\Users\Public\Downloads ()
Startup: C:\Users\Public\Favorites ()
Startup: C:\Users\Public\Libraries ()
Startup: C:\Users\Public\Music ()
Startup: C:\Users\Public\NTUSER.DAT ()
Startup: C:\Users\Public\NTUSER.DAT.LOG1 ()
Startup: C:\Users\Public\NTUSER.DAT.LOG2 ()
Startup: C:\Users\Public\NTUSER.DAT{3291dce1-9fc2-11df-81a5-206a8a02d1fc}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{3291dce1-9fc2-11df-81a5-206a8a02d1fc}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{3291dce1-9fc2-11df-81a5-206a8a02d1fc}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{6c17ac1e-958a-11df-ab04-c4461951af07}.TM.blf ()
Startup: C:\Users\Public\NTUSER.DAT{6c17ac1e-958a-11df-ab04-c4461951af07}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\Public\NTUSER.DAT{6c17ac1e-958a-11df-ab04-c4461951af07}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\Public\OEM ()
Startup: C:\Users\Public\Pictures ()
Startup: C:\Users\Public\Recorded TV ()
Startup: C:\Users\Public\Thumbs.db ()
Startup: C:\Users\Public\Veřejné CD ROM ()
Startup: C:\Users\Public\Videos ()
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {9A75B447-FE61-4422-872C-38444C71F12F} URL = http://search.freecause.com/search?ourm ... e=63009&p={searchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
BHO-x32: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA
c:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core
C:\Users\Admin\AppData\Local\temp
Task: {6441296C-C861-471A-B18F-394603900F8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {6D51C0A3-E0ED-4E3E-8488-3679825D23F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {7BDD1DF1-3D35-451C-B090-E51EF75AD4AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: {BB13650E-60AE-485C-A10A-5C6A0666B83B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-21] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job => C:\Users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:93EB7685
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: virus 3

#5 Post by Pavla V. »

Only this was displayed:
(if I did it correctly, that is?)


C:\Users\Admin\Desktop => Moved successfully.

==== End of Fixlog ====


Re: virus 3

#6 Post by Rudy »

That is strange. Were FRST and fixlist.txt in the same directory?

Re: virus 3

#7 Post by Pavla V. »

Yes, on the desktop of the administrator profile.
But I see that the whole PC is somehow messed up. It does not behave strangely in any way, but no updates work, neither Windows nor other programs, and the .NET programs are missing.


Re: virus 3

#8 Post by Pavla V. »

Should I run it again? But all those cleaning programs have disappeared (that was probably the plan, right?)


Re: virus 3

#9 Post by Rudy »

Try the FRST fix once more, and if it turns out the same, post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

Calmly put on some coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.

Re: virus 3

#10 Post by Pavla V. »

FRST is still the same. Log from ComboFix:

ComboFix 13-11-04.01 - Admin 06.11.2013 22:56:13.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3765.2329 [GMT 1:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Admin\AppData\Local\assembly\tmp
c:\users\Martin a Paja\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-06 do 2013-11-06 )))))))))))))))))))))))))))))))
.
.
2013-11-05 19:23 . 2013-11-05 19:23 -------- d-----w- C:\FRST
2013-11-05 18:20 . 2013-11-05 18:20 -------- d-----w- c:\programdata\Oracle
2013-11-05 18:20 . 2013-11-05 18:20 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-11-05 18:19 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-05 18:14 . 2013-11-05 18:14 -------- d-----w- c:\users\Admin\AppData\Roaming\AVAST Software
2013-11-05 18:10 . 2013-11-05 18:10 -------- d-----w- C:\rsit
2013-10-21 16:38 . 2013-10-21 16:38 -------- d-----w- c:\users\Martin a Paja\AppData\Roaming\AVAST Software
2013-10-21 13:41 . 2013-10-21 13:41 -------- d-----w- c:\programdata\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-06 17:39 . 2010-07-22 12:32 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-11-05 13:59 . 2011-02-28 19:47 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-05 13:59 . 2011-01-15 11:51 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-05 13:59 . 2010-07-22 12:32 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-05 13:59 . 2010-07-22 12:32 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-05 13:59 . 2010-07-22 12:32 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-05 13:59 . 2010-07-22 12:31 43152 ----a-w- c:\windows\avastSS.scr
2013-10-21 14:03 . 2013-03-03 21:03 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-21 14:03 . 2013-03-03 21:03 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-21 14:03 . 2012-03-09 15:40 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-09 18:26 . 2012-10-19 06:55 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 18:26 . 2011-05-21 08:32 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PoivY"="c:\program files (x86)\PoivY.com\PoivY\poivy.exe" [2013-11-05 19650352]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-04-24 124136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-11-05 3568312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-6-27 704032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbx64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-19 18:26]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:34]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:34]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job
- c:\users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-22 17:34]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job
- c:\users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-22 17:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-05 13:59 326944 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-20 9996320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-20 877600]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-27 206208]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-07 413720]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-07 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-07 391192]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 860192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_3820&r=27360710i416l0418z1i5t46m1k07o
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 81.90.240.1 81.90.240.2
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zkke1wmf.default\
FF - prefs.js: browser.search.defaulturl -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-11-06 23:04:52
ComboFix-quarantined-files.txt 2013-11-06 22:04
.
Před spuštěním: Volných bajtů: 162 643 312 640
Po spuštění: Volných bajtů: 162 774 855 680
.
- - End Of File - - F9620A065E3ABA88CF12D204F071B01E

Rudy
Site Admin
Posts: 119531
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus 3

#11 Post by Rudy »

Open Notepad and copy the following into it:
KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.


Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 3

#12 Post by Pavla V. »

Thank you, here is the log:

ComboFix 13-11-04.01 - Admin 07.11.2013 20:23:36.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3765.2278 [GMT 1:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Admin\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job"
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-07 do 2013-11-07 )))))))))))))))))))))))))))))))
.
.
2013-11-07 19:29 . 2013-11-07 19:32 -------- d-----w- c:\users\Martin a Paja\AppData\Local\temp
2013-11-07 19:29 . 2013-11-07 19:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-05 19:23 . 2013-11-05 19:23 -------- d-----w- C:\FRST
2013-11-05 18:20 . 2013-11-05 18:20 -------- d-----w- c:\programdata\Oracle
2013-11-05 18:20 . 2013-11-05 18:20 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-11-05 18:19 . 2013-10-08 06:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-05 18:14 . 2013-11-05 18:14 -------- d-----w- c:\users\Admin\AppData\Roaming\AVAST Software
2013-11-05 18:10 . 2013-11-05 18:10 -------- d-----w- C:\rsit
2013-10-21 16:38 . 2013-10-21 16:38 -------- d-----w- c:\users\Martin a Paja\AppData\Roaming\AVAST Software
2013-10-21 13:41 . 2013-10-21 13:41 -------- d-----w- c:\programdata\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-06 17:39 . 2010-07-22 12:32 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-11-05 13:59 . 2011-02-28 19:47 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-05 13:59 . 2011-01-15 11:51 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-05 13:59 . 2010-07-22 12:32 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-05 13:59 . 2010-07-22 12:32 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-05 13:59 . 2010-07-22 12:32 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-05 13:59 . 2010-07-22 12:31 43152 ----a-w- c:\windows\avastSS.scr
2013-10-21 14:03 . 2013-03-03 21:03 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-21 14:03 . 2013-03-03 21:03 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-21 14:03 . 2012-03-09 15:40 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-09 18:26 . 2012-10-19 06:55 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 18:26 . 2011-05-21 08:32 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:03 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PoivY"="c:\program files (x86)\PoivY.com\PoivY\poivy.exe" [2013-11-05 19650352]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-02-01 337264]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-04-08 908368]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2009-12-25 201512]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-04-24 124136]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2013-11-05 3568312]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-6-27 704032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbox64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys;c:\windows\SYSNATIVE\drivers\ccdcmbx64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswKbd;aswKbd; [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-19 18:26]
.
2013-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:34]
.
2013-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:34]
.
2013-11-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001Core.job
- c:\users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-22 17:34]
.
2013-11-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3738297143-3350807749-3718712813-1001UA.job
- c:\users\Martin a Paja\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-22 17:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-05 13:59 326944 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-02-01 18:06 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-01-20 9996320]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-01-20 877600]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-27 206208]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-07 413720]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-02-01 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-07 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-07 391192]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-22 323584]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 860192]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_3820&r=27360710i416l0418z1i5t46m1k07o
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 81.90.240.1 81.90.240.2
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\zkke1wmf.default\
FF - prefs.js: browser.search.defaulturl -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files (x86)\Launch Manager\LMworker.exe
.
**************************************************************************
.
Celkový čas: 2013-11-07 20:37:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-07 19:37
ComboFix2.txt 2013-11-06 22:04
.
Před spuštěním: Volných bajtů: 162 285 199 360
Po spuštění: Volných bajtů: 162 058 022 912
.
- - End Of File - - 593888303C78DAB4B908F3A7DF99DE5E
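
A CFScript like the one in post #11 can be checked against a follow-up log like the one above. The following is an added example, not part of the original thread or of ComboFix: it parses the script and reports which of its File:: and RegLock:: entries the log still lists. The function names and the abbreviated sample script and log are constructed for illustration; the section titles are copied from the logs in this thread.

```python
import re

# Section titles exactly as they appear in the Czech ComboFix logs in this thread.
TASKS_HDR = "Obsah adresáře 'Naplánované úlohy'"
LOCKED_HDR = "ZAMKNUTÉ KLÍČE V REGISTRU"


def parse_cfscript(text):
    """Split a CFScript into {directive: [entries]}, e.g. 'File' and 'RegLock'."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        head = re.fullmatch(r"(\w+)::", line)
        if head:
            current = head.group(1)
            sections[current] = []
        elif line and current is not None:
            sections[current].append(line)
    return sections


def section_lines(log, header):
    """Yield the stripped lines that follow the first line containing `header`."""
    lines = iter(log.splitlines())
    for line in lines:
        if header in line:
            break
    for line in lines:
        yield line.strip()


def scheduled_tasks(log):
    """Lower-cased paths of the .job files listed in the scheduled-tasks section."""
    found = set()
    for line in section_lines(log, TASKS_HDR):
        if line.startswith("---"):  # banner of the next section
            break
        m = re.fullmatch(r"\d{4}-\d{2}-\d{2} (.+\.job)", line)
        if m:
            found.add(m.group(1).lower())
    return found


def locked_keys(log):
    """Lower-cased registry keys (root keys and subkeys) in the locked-keys section."""
    found = set()
    for line in section_lines(log, LOCKED_HDR):
        if line in ("", "."):
            continue
        if line.startswith("[") and line.endswith("]"):
            found.add(line[1:-1].lower())
        elif not line.startswith(("@", '"')):  # anything else ends the section
            break
    return found


def still_listed(script, log):
    """Script entries that the log still reports, grouped by directive."""
    cf = parse_cfscript(script)
    tasks, keys = scheduled_tasks(log), locked_keys(log)
    return {
        "File": [p for p in cf.get("File", []) if p.lower() in tasks],
        "RegLock": [k for k in cf.get("RegLock", [])
                    if k.strip("[]").lower() in keys],
    }


# Constructed sample: an abbreviated script and log in the layout used in this thread.
SCRIPT = r"""
KillAll::

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

Reboot::
"""

LOG = r"""
Obsah adresáře 'Naplánované úlohy'
.
2013-11-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-19 18:26]
.
2013-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-21 17:34]
.
--------- X64 Entries -----------
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
------------------------ Jiné spuštené procesy ------------------------
"""

if __name__ == "__main__":
    for directive, entries in still_listed(SCRIPT, LOG).items():
        for entry in entries:
            print(f"{directive}: still listed: {entry}")
```

The log is a snapshot taken during the run, so an entry that is still listed is a prompt to look again, not proof that the script step had no effect.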

Rudy
Site Admin
Posts: 119531
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus 3

#13 Post by Rudy »

Deleted. The PC should now be clean.

Pavla V.
Visitor
Posts: 109
Registered: 30 Apr 2013 17:06

Re: virus 3

#14 Post by Pavla V. »

Great, thank you very much. Pája

Rudy
Site Admin
Posts: 119531
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus 3

#15 Post by Rudy »

You're welcome! :)