Prosím o preventivku - starší notebook

[Márty84]

Jdu na to.

Az to bude...

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte ho. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Dejte novy log z RSIT

[Allkor]

CrystalDiskInfo... nelíbí se mi to jeho Pozor

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2014/01/18 16:45:29

-- Controller Map ----------------------------------------------------------
+ Intel(R) ICH8M Ultra ATA Storage Controllers - 2850 [ATA]
+ Primární kanál IDE (0)
- Slimtype DVD A DS8A1P
- Sekundární kanál IDE (1)
+ Intel(R) 82801HEM/HBM SATA AHCI Controller [ATA]
- ST9120822AS
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST9120822AS : 120,0 GB [0/3/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9120822AS
----------------------------------------------------------------------------
Model : ST9120822AS
Firmware : 3.ALD
Serial Number : 5LZ5CHQE
Disk Size : 120,0 GB (8,4/120,0/120,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/150
Power On Hours : 11921 hod.
Power On Count : 3502 krát
Temparature : 37 C (98 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 _97 _97 _20 000000000DE3 Počet spuštění/zastavení
05 100 100 _36 000000000001 Počet přemapovaných sektorů
07 _71 _60 _30 002920FCAA51 Počet chybných hledání
09 _87 _87 __0 000000002E91 Hodin v činnosti
0A 100 100 _34 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _97 _97 _20 000000000DAE Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD _96 _96 __0 000000000004 Vysoká rychlost zápisu
BE _63 _33 _45 0032251F0025 Teplota toku vzduchu
C0 100 100 __0 00000000037E Počet vypnutí disku
C1 __1 __1 __0 0000000315CB Počet cyklů načítání/vymazání
C2 _37 _67 __0 000A00000025 Teplota
C3 _75 _63 __0 00000278AF52 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 354C 354C 5A35 4348 5145
020: 0000 4000 0004 332E 414C 2020 2020 5354 3931 3230
030: 3832 3241 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: 4BB0 0DF9 0000 0007 0003 0078 0078 00F0 0078 0000
070: 0000 0000 0000 0000 0000 0502 0502 0000 0048 0048
080: 00FE 0000 346B 7D09 6003 3C09 3C09 6003 407F 0000
090: 0000 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 4000 4000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 0002
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 4BB0
130: 0DF9 4BB0 0DF9 2020 0002 8002 8002 0000 3C06 3C06
140: FFFF 07C6 0100 0000 100F 0002 0002 0080 0000 0000
150: 60A0 0000 0000 0000 0000 0000 0000 0000 0A00 000B
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0001 0001 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E0A5


Nové RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ivana at 2014-01-18 16:45:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 37 GB (32%) free of 114 GB
Total RAM: 1014 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:45:49, on 18.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe
C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files\SMART Technologies\Education Software\UCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\DOCUME~1\Ivana\LOCALS~1\Temp\RtkBtMnt.exe
C:\Documents and Settings\Ivana\Plocha\CrystalDiskInfo5_0_0\DiskInfo.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Ivana\Plocha\RSIT.exe
C:\Program Files\trend micro\Ivana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: OLE (Part 1 of 5) - - (no file)
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2373141625
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} (F-Secure Online Scanner 4.0 Launcher) - http://download.sp.f-secure.com/ols/f-s ... uncher.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1c9910644add3e6) (gupdate1c9910644add3e6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Response Hardware - SMART Technologies - C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Služba SMART Board (SMART Board Service) - SMART Technologies - C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
O23 - Service: SMART Display Controller - SMART Technologies ULC - C:\Program Files\SMART Technologies\Education Software\UCService.exe
O23 - Service: SMART Mirror Driver Monitor Service - SMART Technologies Inc. - C:\Program Files\Common Files\SMART Technologies\Mirror Driver\MonitorService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\system32\DRIVERS\xaudio.exe
O24 - Desktop Component 1: Frekvence 1 - http://www.frekvence1.cz/cs/webova_radi ... 2_ad.shtml

--
End of file - 10390 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_IVANA_Ivana.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ivana\Data aplikací\Mozilla\Firefox\Profiles\fzkodh86.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.11"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
SMART Notebook Download Utility - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll [2011-06-23 226160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-04 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-29 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E1233B3-485A-4E51-B77E-9E075A68C588} - SMART Sync - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll [2011-06-22 527216]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-04 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-12-17 761945]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-06-13 162584]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-29 16132608]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-12 53248]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-06-13 138008]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-06-13 142104]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-04 3764024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-17 39408]
"OfficeSyncProcess"=C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART Mirror Driver Monitor Service]
C:\Program Files\Common Files\SMART Technologies\Mirror Driver\MonitorService.exe [2011-06-22 141680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-17 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Ivana^Nabídka Start^Programy^Po spuštění^YoWindow.lnk]
C:\PROGRA~1\YoWindow\yowindow.exe -mt []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-06-05 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"%windir%\explorer.exe"="%windir%\explorer.exe:*:Enabled:Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\SMART Technologies\Education Software\UCGui.exe"="C:\Program Files\SMART Technologies\Education Software\UCGui.exe:*:Enabled:SMART Universal Controller Interface"
"C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe"="C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe:*:Enabled:SMART SNMPAgent"
"C:\Program Files\SMART Technologies\Education Software\UCService.exe"="C:\Program Files\SMART Technologies\Education Software\UCService.exe:*:Enabled:SMART Display Controller Service"
"C:\Program Files\SMART Technologies\Education Software\VantageService.exe"="C:\Program Files\SMART Technologies\Education Software\VantageService.exe:*:Enabled:SMART Vantage Service"
"C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe"="C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe:*:Enabled:SMART Response Software Service"
"C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe"="C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe:*:Enabled:SMART Sync Software Teacher Application"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\EasySetupAssistant\wr741n\EasySetupAssistant.exe"="D:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.DIVX"=divx.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3filter"=ac3filter.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.SEDG"=mcs_vfw.dll
"wave3"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"vidc.tscc"=tsccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-01-18 11:44:39 ----D---- C:\Documents and Settings\Ivana\Data aplikací\Malwarebytes
2014-01-18 11:44:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-01-18 11:44:12 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2014-01-18 11:44:11 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2014-01-18 11:08:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2014-01-17 17:24:30 ----D---- C:\AdwCleaner
2014-01-17 17:19:22 ----D---- C:\Program Files\trend micro
2014-01-17 17:14:56 ----HD---- C:\BJPrinter
2013-12-20 14:06:55 ----D---- C:\Program Files\Mozilla Firefox
2013-12-19 02:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-19 02:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$

======List of files/folders modified in the last 1 month======

2014-01-18 16:44:52 ----D---- C:\WINDOWS\Temp
2014-01-18 16:42:34 ----SHD---- C:\System Volume Information
2014-01-18 16:42:34 ----D---- C:\WINDOWS\system32\Restore
2014-01-18 16:36:51 ----SD---- C:\WINDOWS\Tasks
2014-01-18 16:36:14 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-18 16:13:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-18 16:10:42 ----D---- C:\WINDOWS\system32
2014-01-18 15:59:21 ----D---- C:\WINDOWS\system32\drivers
2014-01-18 15:41:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2014-01-18 11:44:11 ----D---- C:\Program Files
2014-01-18 11:39:17 ----D---- C:\WINDOWS
2014-01-18 11:35:14 ----SHD---- C:\WINDOWS\Installer
2014-01-18 11:23:00 ----D---- C:\WINDOWS\system32\MRT
2014-01-18 11:22:50 ----D---- C:\WINDOWS\Debug
2014-01-18 11:16:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-18 11:08:57 ----HD---- C:\WINDOWS\inf
2014-01-18 11:08:42 ----SHDC---- C:\WINDOWS\system32\dllcache
2014-01-17 17:06:25 ----D---- C:\WINDOWS\Prefetch
2014-01-04 18:54:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-12-22 12:50:14 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-19 02:21:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-19 02:20:40 ----D---- C:\Program Files\Internet Explorer
2013-12-19 02:20:22 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-12-04 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-01-04 180248]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2007-10-07 304920]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2003-10-28 20016]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-04-24 721904]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-09-30 30376]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 BASFND;BASFND; \??\C:\Program Files\Broadcom\ASFIPMon\BASFND.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\WINDOWS\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2010-09-14 108480]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-06-05 5761728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-31 4424192]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smrtdrv;SMART Technologies Inc. Mirror Driver; C:\WINDOWS\system32\DRIVERS\smrtdrv.sys [2004-04-22 2432]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-12-17 191936]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-01-25 290304]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 CamAv;SAMSUNG Video Capture; C:\WINDOWS\System32\Drivers\CamAv.sys [2005-12-16 58624]
S3 CAMFLT;%CAMFLT.SvcDesc%; C:\WINDOWS\system32\drivers\CAMFLT.sys [2005-07-20 11648]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-12-22 207360]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2007-03-06 1666048]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PAC207;Trust WB-1200p Mini Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Synnetdrv;SynchronEyes network Service; C:\WINDOWS\system32\DRIVERS\Synnetdrv.sys []
S3 SynnetdrvMP;SynnetdrvMP; C:\WINDOWS\system32\DRIVERS\Synnetdrv.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 aswKbd;aswKbd; \??\C:\WINDOWS\system32\drivers\aswKbd.sys []
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [2006-12-19 79432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-04 50344]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 Response Hardware;Response Hardware; C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe [2011-06-23 19312]
R2 SMART Board Service;Služba SMART Board; C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe [2011-07-13 1761136]
R2 SMART Display Controller;SMART Display Controller; C:\Program Files\SMART Technologies\Education Software\UCService.exe [2011-07-13 311664]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-02-20 604488]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 gupdate1c9910644add3e6;Služba Google Update (gupdate1c9910644add3e6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-17 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-09 194104]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 SMART Mirror Driver Monitor Service;SMART Mirror Driver Monitor Service; C:\Program Files\Common Files\SMART Technologies\Mirror Driver\MonitorService.exe [2011-06-22 141680]
S2 XAudioService;XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-17 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-20 361288]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

[Márty84]

Mi taky ne. Opet je tam spousta chyb cteni a hledani, ale bohuzel to vypada i na nejaky vadny sektor.


Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143

[Allkor]

Já padám... error scan svítí celý zeleně. To, že tenhle 6 let starý noťas ještě funguje, považuju za malý zázrak

Akorát teplota vystřelila na 60°C, a to jsem odpoledne ručně čistila větrák... vypadá ale, že zas klesá.

Záložku Health mám prázdnou, neukazuje vůbec nic

[Márty84]

To je dobre, ze je zeleny, jeste to neni tak zle No ale v poradku to taky neni, ty chyby tam jsou, takze je treba to hlidat, zda se to nebude zhorsovat. A samozrejme doporucuji pravidelne zalohovat.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Allkor]

OTL.txt

OTL logfile created on: 19.1.2014 9:42:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ivana\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,36 Mb Total Physical Memory | 253,35 Mb Available Physical Memory | 24,98% Memory free
2,38 Gb Paging File | 1,72 Gb Available in Paging File | 72,23% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,78 Gb Total Space | 36,04 Gb Free Space | 32,24% Space Free | Partition Type: NTFS

Computer Name: IVANA | User Name: Ivana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.19 09:36:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ivana\Plocha\OTL.exe
PRC - [2014.01.04 18:53:53 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.01.04 18:53:51 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.04 13:43:26 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.05.06 19:18:22 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Ivana\Local Settings\temp\RtkBtMnt.exe
PRC - [2013.04.22 09:05:32 | 000,720,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2011.07.13 21:14:52 | 000,311,664 | ---- | M] (SMART Technologies ULC) -- C:\Program Files\SMART Technologies\Education Software\UCService.exe
PRC - [2011.07.13 21:14:40 | 001,761,136 | ---- | M] (SMART Technologies) -- C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
PRC - [2011.06.23 23:11:04 | 000,019,312 | ---- | M] (SMART Technologies) -- C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe
PRC - [2010.02.20 14:03:43 | 000,604,488 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.12.19 13:16:20 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.18 21:47:23 | 002,155,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14011801\algo.dll
MOD - [2013.12.04 17:28:38 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012.02.17 14:22:05 | 002,364,840 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.xqilla.vc100.1.1_9ca15c999435ee05_1.0.1.0_x-ww_115db9e6\xqilla-vc100-1_0.dll
MOD - [2012.02.13 15:07:06 | 000,948,128 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtNetwork4.dll
MOD - [2012.02.13 15:07:04 | 008,266,656 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtGui4.dll
MOD - [2012.02.13 15:07:03 | 002,296,736 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.qt.vc100.4.7_9ca15c999435ee05_1.0.1.0_x-ww_b2691301\QtCore4.dll
MOD - [2012.02.13 15:06:57 | 000,066,976 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.zlib.vc100.1.2_9ca15c999435ee05_1.0.1.0_x-ww_bdce9461\zlib1-vc100-mt-1.2.dll
MOD - [2012.02.13 15:06:53 | 002,310,056 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.redland.vc100.1.0_9ca15c999435ee05_1.0.1.0_x-ww_77050792\redland-vc100-1_0_9.dll
MOD - [2012.02.13 15:06:45 | 000,145,328 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.boostfilesystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_63375869\boost_filesystem-vc100-mt-1_44.dll
MOD - [2012.02.13 15:06:45 | 000,054,184 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.boostthread.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_223d02ca\boost_thread-vc100-mt-1_44.dll
MOD - [2012.02.13 15:06:45 | 000,053,680 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.boostsignals.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_36e3f87f\boost_signals-vc100-mt-1_44.dll
MOD - [2012.02.13 15:06:45 | 000,022,440 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.boostsystem.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_63c41565\boost_system-vc100-mt-1_44.dll
MOD - [2012.02.13 15:06:44 | 000,051,120 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_smarttech.boostdatetime.vc100.1.44_9ca15c999435ee05_1.0.1.0_x-ww_c41aee2c\boost_date_time-vc100-mt-1_44.dll
MOD - [2005.08.12 13:43:48 | 000,311,296 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2005.08.03 21:32:08 | 000,125,440 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2014.01.04 18:53:51 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.12.20 14:07:18 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.11 01:27:43 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.01.08 12:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.07.13 21:14:52 | 000,311,664 | ---- | M] (SMART Technologies ULC) [Auto | Running] -- C:\Program Files\SMART Technologies\Education Software\UCService.exe -- (SMART Display Controller)
SRV - [2011.07.13 21:14:40 | 001,761,136 | ---- | M] (SMART Technologies) [Auto | Running] -- C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe -- (SMART Board Service)
SRV - [2011.06.23 23:11:04 | 000,019,312 | ---- | M] (SMART Technologies) [Auto | Running] -- C:\Program Files\SMART Technologies\Education Software\ResponseHardwareService.exe -- (Response Hardware)
SRV - [2011.06.22 09:42:46 | 000,141,680 | ---- | M] (SMART Technologies Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SMART Technologies\Mirror Driver\MonitorService.exe -- (SMART Mirror Driver Monitor Service)
SRV - [2010.02.20 14:03:43 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.02.20 14:03:42 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.11.16 12:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2006.12.19 13:16:20 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Synnetdrv.sys -- (SynnetdrvMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Synnetdrv.sys -- (Synnetdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV561AV.SYS -- (PID_0928)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LVUSBSta.sys -- (LVUSBSta)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDRm.sys -- (InCDRm)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\InCDPass.sys -- (InCDPass)
DRV - File not found [File_System | Disabled | Stopped] -- system32\drivers\InCDFs.sys -- (InCDFs)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwhid.sys -- (btwhid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btwdndis.sys -- (BTWDNDIS)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btport.sys -- (BTDriver)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\btaudio.sys -- (btaudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - File not found [Kernel | Disabled | Unknown] -- C:\WINDOWS\system32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014.01.04 18:54:11 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014.01.04 18:54:11 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2014.01.04 18:54:11 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.01.04 18:54:11 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014.01.04 18:54:10 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.01.04 18:54:10 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.12.04 17:28:51 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010.09.14 14:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2009.04.24 09:50:44 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2007.05.31 10:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.05.14 10:26:10 | 000,508,288 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PFC027.SYS -- (PAC207)
DRV - [2007.03.01 21:22:04 | 000,988,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.03.01 21:21:24 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.03.01 21:21:22 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.02.16 14:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.01.25 04:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006.12.19 13:16:24 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006.11.28 09:44:52 | 000,008,192 | R--- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\XAudio.sys -- (XAudio)
DRV - [2006.10.12 14:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2005.12.16 09:53:50 | 000,058,624 | R--- | M] (Samsung electronics, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamAv.sys -- (CamAv)
DRV - [2005.07.20 01:23:29 | 000,011,648 | R--- | M] (Samsung electronics, Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CamFlt.sys -- (CAMFLT)
DRV - [2005.02.23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004.04.22 11:38:08 | 000,002,432 | ---- | M] (SMART Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smrtdrv.sys -- (smrtdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://tv.nova.cz [binary data]
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{34B51263-2004-44DA-BD10-95F0915417D9}: "URL" = http://vybereme.cz/s?q={searchTerms}
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{3BEB4116-C7EE-42C8-ADE2-BCB922A8EBDD}: "URL" = http://www.google.com/search?q={searchT ... 1I7GPEA_cs
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{4226304e-138c-447b-9101-16784bf1189d}: "URL" = http://www.firmy.cz/phr/{searchTerms}?sourceid=IE_5
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{62d4c6ab-0a22-4fc1-893e-2d42b1a47941}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{6b4e808c-013c-4ed4-aab5-425b31398327}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=IE_5
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{C0887057-5DE6-461E-A9A4-3A464F221D2D}: "URL" = http://jyxo.cz/s?q={searchTerms}&d=cz
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{DCEEE5B5-D0C0-4C55-A940-9BBDBD1B091B}: "URL" = http://websearch.ask.com/redirect?clien ... C5576199F1
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{df39608a-c2bc-4009-bd73-cbaa390ce4c2}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... rceid=IE_5
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{FDFD2032-B51C-463D-8F08-55C3770A84EF}: "URL" = http://nova.zlatestranky.cz/hledat?msit ... earchTerms}
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: jqs%40sun.com:1.0
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Ivana\Local Settings\Data aplikací\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Ivana\Local Settings\Data aplikací\Google\Update\1.3.21.53\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.01.04 18:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014.01.17 11:46:24 | 000,000,000 | ---D | M]

[2009.05.21 07:07:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivana\Data aplikací\Mozilla\Extensions
[2014.01.17 11:46:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ivana\Data aplikací\Mozilla\Firefox\Profiles\fzkodh86.default\extensions
[2014.01.17 11:46:18 | 000,940,775 | ---- | M] () (No name found) -- C:\Documents and Settings\Ivana\Data aplikací\Mozilla\Firefox\Profiles\fzkodh86.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.12.20 14:06:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.20 14:07:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.01.04 18:54:18 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2009.01.06 15:11:42 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.06.25 17:52:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\32.0.1700.76\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! Online Security = C:\Documents and Settings\Ivana\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Ivana\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2014.01.18 16:08:24 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (SMART Sync) - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll (SMART Technologies ULC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\Toolbar\WebBrowser: (no name) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No CLSID value found.
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1292428093-583907252-839522115-1004..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 2373141625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {C237A80A-4C55-4C68-BAA9-CBE4408D12B2} http://download.sp.f-secure.com/ols/f-s ... uncher.cab (F-Secure Online Scanner 4.0 Launcher)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E334797E-86FC-4100-BD9D-47097B2CE2B4}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop Components:1 (Frekvence 1) - http://www.frekvence1.cz/cs/webova_radi ... 2_ad.shtml
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Ivana\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.07 18:02:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sprestrt)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\WINDOWS\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.SEDG - C:\WINDOWS\System32\mcs_vfw.dll ()
Drivers32: vidc.tscc - C:\WINDOWS\System32\tsccvid.dll (TechSmith Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.19 09:36:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ivana\Plocha\OTL.exe
[2014.01.18 17:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\HD Tune
[2014.01.18 17:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HD Tune
[2014.01.18 17:12:40 | 000,642,632 | ---- | C] (EFD Software ) -- C:\Documents and Settings\Ivana\Plocha\hdtune_255.exe
[2014.01.18 16:43:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ivana\Plocha\CrystalDiskInfo5_0_0
[2014.01.18 15:57:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ivana\Plocha\RK_Quarantine
[2014.01.18 11:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ivana\Data aplikací\Malwarebytes
[2014.01.18 11:44:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2014.01.18 11:44:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.01.18 11:44:12 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2014.01.18 11:44:11 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014.01.18 11:22:49 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ivana\Plocha\mbam-setup-1.75.0.1300.exe
[2014.01.17 17:24:30 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.17 17:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.01.17 17:14:56 | 000,000,000 | -H-D | C] -- C:\BJPrinter
[2014.01.17 17:06:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ivana\Nabídka Start\Programy\Revo Uninstaller
[2014.01.17 16:31:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Ivana\Recent
[2013.12.20 14:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Documents and Settings\Ivana\Plocha\CA456FOT.
[2014.01.19 09:50:02 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.19 09:46:51 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.19 09:36:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ivana\Plocha\OTL.exe
[2014.01.19 09:33:24 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2014.01.19 09:31:42 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.19 09:31:41 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Click Maintenance.job
[2014.01.19 09:31:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.19 00:27:01 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.19 00:17:02 | 000,000,388 | -H-- | M] () -- C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_IVANA_Ivana.job
[2014.01.18 23:46:45 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.01.18 18:13:03 | 000,106,493 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\hdtune error scan.JPG
[2014.01.18 17:13:16 | 000,000,613 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\HD Tune.lnk
[2014.01.18 17:12:44 | 000,642,632 | ---- | M] (EFD Software ) -- C:\Documents and Settings\Ivana\Plocha\hdtune_255.exe
[2014.01.18 16:43:23 | 001,496,172 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\CrystalDiskInfo5_0_0.zip
[2014.01.18 15:57:05 | 003,809,280 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\RogueKiller.exe
[2014.01.18 15:56:59 | 004,352,047 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\ComboFix.exe
[2014.01.18 15:22:22 | 000,042,542 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\mbam.JPG
[2014.01.18 11:44:23 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.01.18 11:23:27 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Ivana\Plocha\mbam-setup-1.75.0.1300.exe
[2014.01.18 11:17:13 | 000,000,960 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2014.01.17 17:23:58 | 001,236,282 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\adwcleaner.exe
[2014.01.17 17:19:07 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\RSIT.exe
[2014.01.17 17:06:25 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\Revo Uninstaller.lnk
[2014.01.17 16:32:48 | 000,103,310 | ---- | M] () -- C:\Documents and Settings\Ivana\Dokumenty\cc_20140117_163242.reg
[2014.01.16 12:14:50 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.14 21:41:00 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.01.14 15:15:05 | 000,000,092 | ---- | M] () -- C:\WINDOWS\System32\odehrano.zal
[2014.01.14 15:15:05 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\wsah.hs
[2014.01.13 14:10:25 | 006,314,932 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\KNIHA ZÁZRAK DETOXIKACE.pdf
[2014.01.10 15:54:53 | 000,002,547 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\Microsoft Word 2010.lnk
[2014.01.07 18:18:27 | 000,105,708 | ---- | M] () -- C:\Documents and Settings\Ivana\Plocha\žemlovka do ruky.jpg
[2014.01.04 18:55:31 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2014.01.04 18:54:11 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2014.01.04 18:54:11 | 000,410,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2014.01.04 18:54:11 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2014.01.04 18:54:11 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2014.01.04 18:54:10 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2014.01.04 18:54:10 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2014.01.04 18:54:09 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2014.01.04 18:54:08 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Documents and Settings\Ivana\Plocha\CA456FOT.
[2014.01.19 09:46:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.18 18:13:03 | 000,106,493 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\hdtune error scan.JPG
[2014.01.18 17:13:16 | 000,000,613 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\HD Tune.lnk
[2014.01.18 16:42:56 | 001,496,172 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\CrystalDiskInfo5_0_0.zip
[2014.01.18 15:57:05 | 003,809,280 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\RogueKiller.exe
[2014.01.18 15:56:58 | 004,352,047 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\ComboFix.exe
[2014.01.18 15:19:18 | 000,042,542 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\mbam.JPG
[2014.01.18 11:44:23 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2014.01.17 17:23:57 | 001,236,282 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\adwcleaner.exe
[2014.01.17 16:32:44 | 000,103,310 | ---- | C] () -- C:\Documents and Settings\Ivana\Dokumenty\cc_20140117_163242.reg
[2014.01.13 14:10:25 | 006,314,932 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\KNIHA ZÁZRAK DETOXIKACE.pdf
[2014.01.07 18:18:26 | 000,105,708 | ---- | C] () -- C:\Documents and Settings\Ivana\Plocha\žemlovka do ruky.jpg
[2013.05.06 17:14:57 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4837.dll
[2013.03.17 07:49:22 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.17 07:49:21 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.02.16 15:00:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2010.11.13 14:34:02 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2007.11.25 23:25:39 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Ivana\intlname.ols
[2007.11.21 19:08:12 | 000,033,280 | ---- | C] () -- C:\Documents and Settings\Ivana\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.11.05 20:36:05 | 000,000,113 | ---- | C] () -- C:\Documents and Settings\Ivana\default.pls
[2007.10.09 21:08:43 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Ivana\Local Settings\Data aplikací\fusioncache.dat

========== ZeroAccess Check ==========

[2007.10.09 21:03:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.04.29 05:35:24 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.11.06 13:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2013.11.19 12:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2012.04.29 15:49:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2009.03.01 20:04:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
[2013.05.05 16:49:53 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.04.24 09:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.02.17 15:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
[2010.07.11 21:32:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy-PizzaParty
[2010.07.12 09:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2010.07.01 20:14:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3
[2014.01.18 11:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.18 19:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IM
[2011.05.20 21:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IncrediMail
[2010.11.15 15:37:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
[2010.11.13 14:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SlySoft
[2012.02.17 14:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SMART Technologies
[2009.05.14 18:36:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.05.05 16:51:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2008.09.08 18:52:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2009.05.21 06:54:37 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2013.05.05 16:49:53 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.04.19 15:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Špidla Data Processing, s.r.o
[2007.10.11 20:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ACD Systems
[2013.07.17 21:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\AlawarEntertainment
[2013.12.04 17:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\AVAST Software
[2008.11.23 21:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\CoSoSys
[2012.02.17 11:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\DAEMON Tools Lite
[2013.04.14 17:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ICQ
[2008.03.16 18:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ICQ Toolbar
[2010.09.14 18:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\KvetinkaProzeny.F4442F3611D910A74573A4ECD029F51CBC5E4266.1
[2011.05.20 16:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Miranda
[2011.02.10 17:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\mojosoft
[2009.06.08 13:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Opera
[2012.02.17 15:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\SMART Technologies
[2012.02.17 14:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\SMART Technologies Inc
[2013.05.05 16:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\TuneUp Software
[2008.09.08 18:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Ulead Systems
[2009.05.14 22:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Windows Desktop Search
[2009.05.15 08:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Windows Search
[2013.06.26 21:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\YoWindow
[2012.04.19 15:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Špidla Data Processing, s.r.o
[2013.12.04 18:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVAST Software
[2013.05.05 18:25:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2007.10.07 18:00:47 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2007.10.07 18:09:57 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2009.02.09 13:59:46 | 000,000,388 | -H-- | C] () -- C:\WINDOWS\Tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_IVANA_Ivana.job
[2009.02.17 14:20:56 | 000,000,960 | ---- | C] () -- C:\WINDOWS\Tasks\Google Software Updater.job
[2009.05.21 06:55:28 | 000,000,486 | ---- | C] () -- C:\WINDOWS\Tasks\1-Click Maintenance.job
[2009.06.30 21:38:31 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009.06.30 21:38:31 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.04.03 08:07:46 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.07.09 14:38:48 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.10.13 12:21:45 | 000,000,282 | ---- | C] () -- C:\WINDOWS\Tasks\AutoKMS.job

< >

< MD5 for: AGP440.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ERDNT\cache\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: CHANGER.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: IASTOR.SYS >
[2007.10.07 10:25:21 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\NLDRV\001\iastor.sys
[2007.10.07 10:28:23 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\NLDRV\002\iastor.sys
[2007.10.07 10:31:57 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\NLDRV\003\iastor.sys
[2007.10.07 10:31:57 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2007.10.07 10:32:08 | 000,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.05.14 13:58:03 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2014.01.18 15:52:42 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\8f988a11-373b-424f-be80-d75e2f5748b2\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2014.01.18 15:52:39 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\57e58cfe-ae25-40bb-826b-840e5824415f\smss.exe
[2004.08.17 14:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2014.01.18 15:52:43 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\045f495b-7054-4385-be81-e21f510e86ef\svchost.exe
[2014.01.18 15:52:42 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\0e7b900c-d2ab-48cd-bd97-e856b355f88f\svchost.exe
[2014.01.18 15:52:42 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\2ef0d064-ebc0-4230-adc8-e5516a413f10\svchost.exe
[2014.01.18 15:52:43 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\6cfa5d06-3b9c-4237-ba57-08913c9c6eb7\svchost.exe
[2014.01.18 15:52:43 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\85eb3242-3139-4445-8c99-150c618239c4\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\ERDNT\cache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014.01.18 15:52:41 | 000,068,384 | ---- | M] () MD5=27A9730A7AE1E6283CCFCE09E6F34F09 -- C:\WINDOWS\Temp\e9c178bf-3be2-4b4f-a6de-814829126d13\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[54 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[5 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2007.10.11 20:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ACD Systems
[2012.02.13 14:44:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Adobe
[2007.11.26 13:43:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\AdobeUM
[2007.10.09 19:23:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Ahead
[2013.07.17 21:39:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\AlawarEntertainment
[2007.11.25 13:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ArcSoft
[2013.12.04 17:39:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\AVAST Software
[2008.11.23 21:01:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\CoSoSys
[2012.02.17 11:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\DAEMON Tools Lite
[2013.02.05 16:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\dvdcss
[2009.05.12 12:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Google
[2007.10.10 00:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Help
[2013.04.14 17:13:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ICQ
[2008.03.16 18:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ICQ Toolbar
[2007.10.07 18:10:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Identities
[2007.10.07 18:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\InstallShield
[2012.02.17 00:38:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Intelli-studio
[2010.09.14 18:41:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\KvetinkaProzeny.F4442F3611D910A74573A4ECD029F51CBC5E4266.1
[2007.10.10 11:02:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Macromedia
[2014.01.18 11:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Malwarebytes
[2007.10.12 13:20:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Media Player Classic
[2013.11.15 12:28:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ivana\Data aplikací\Microsoft
[2011.05.20 16:28:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Miranda
[2011.02.10 17:10:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\mojosoft
[2009.05.21 07:07:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Mozilla
[2009.06.08 13:31:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Opera
[2013.11.01 18:28:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Skype
[2012.01.12 20:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\skypePM
[2012.02.17 15:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\SMART Technologies
[2012.02.17 14:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\SMART Technologies Inc
[2009.01.06 15:09:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Sun
[2013.05.05 16:51:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\TuneUp Software
[2008.09.08 18:53:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Ulead Systems
[2013.04.05 15:30:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\vlc
[2009.05.14 22:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Windows Desktop Search
[2009.05.15 08:39:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Windows Search
[2013.06.26 21:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\YoWindow
[2012.04.19 15:58:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\Špidla Data Processing, s.r.o

< %APPDATA%\*.exe /s >
[2013.12.04 17:51:11 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Ivana\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2009.07.07 17:55:24 | 000,319,488 | ---- | M] (Octoshape ApS) -- C:\Documents and Settings\Ivana\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.04.24 09:50:44 | 000,721,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2007.11.06 15:51:06 | 000,237,568 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.11.06 14:33:50 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2007.11.06 15:51:06 | 020,185,088 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.11.06 15:51:06 | 004,194,304 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2014.01.18 11:16:26 | 083,425,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2014.01.16 12:14:50 | 000,002,422 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.02.17 14:21:00 | 000,039,408 | ---- | M] (Google Inc.)
"OfficeSyncProcess" = "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" -- [2013.04.22 09:05:32 | 000,720,064 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=3
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.19 09:46:51 | 000,000,512 | ---- | M] () MD5=143ADC2394D814AC9AAA6F8FA6554B98 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.04.26 16:00:36 | 000,037,327 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Essentials for Educators\CRACKER_00029BF6.galleryitem
[2010.04.26 15:38:38 | 000,015,663 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Essentials for Educators\HUMPTY_DUMPTY_CRACKED_00012998.galleryitem
[2010.04.26 16:09:58 | 000,031,360 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Essentials for Educators\NUTCRACKER_0000E4E7.galleryitem
[2010.04.26 16:10:00 | 000,027,928 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Essentials for Educators\NUTCRACKER_00019C79.galleryitem
[2009.04.06 05:58:32 | 000,143,646 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Lesson Activity Toolkit\Firecracker example.galleryitem
[2009.03.20 10:37:56 | 000,129,525 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\SMART Technologies\Lesson Activity Toolkit\firecracker.galleryitem

< *keygen* /s >
[2006.03.13 13:11:28 | 000,219,648 | ---- | M] () -- \instalace\Nero 7 Premium\Nero7Keygen.exe

< *AntiWPA* /s >

< *loader* /s >
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2011.08.31 13:02:28 | 000,000,986 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects for all users\Adobe Gamma Loader.lnk
[2002.09.25 20:05:38 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2010.10.07 03:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.05.21 17:12:33 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.21 17:12:33 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.21 17:12:33 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.06.08 13:38:32 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.07.27 15:54:50 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.21 17:13:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.05.21 17:13:25 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2002.07.04 16:25:44 | 000,106,496 | ---- | M] () -- \Program Files\Microids\Syberia\Dlls\JpgLoader.dll
[2002.07.04 16:25:48 | 000,036,864 | ---- | M] () -- \Program Files\Microids\Syberia\Dlls\VirtoolsLoaderR.dll
[2011.06.23 20:43:16 | 004,173,680 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\ColladaLoader-vc90-r736.dll
[2011.06.23 20:43:22 | 003,988,336 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\FbxLoader-vc100.dll
[2011.06.23 20:11:08 | 000,052,224 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\ObjLoader-vc100.dll
[2010.10.14 00:07:58 | 000,000,296 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\Support\ruby\1.9.1\yaml\loader.rb
[2011.06.23 19:54:30 | 000,002,713 | ---- | M] () -- \Program Files\SMART Technologies\Education Software\WebInterface\components\uriloader.xpt
[2005.06.07 11:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.03.24 19:12:34 | 000,018,264 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 19:12:34 | 000,249,680 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[8 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2012.02.21 14:26:02 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >
[2004.03.01 20:18:24 | 000,106,496 | ---- | M] () -- \Program Files\Ulead Systems\Ulead Photo Express 5 SE\TextNode.dll

< *AutoKMS* /s >
[1 \WINDOWS\*.tmp files -> \WINDOWS\*.tmp -> ]
[2012.10.13 12:21:39 | 001,725,440 | ---- | M] () -- \WINDOWS\AutoKMS\AutoKMS.exe
[2012.10.13 12:21:39 | 000,000,720 | ---- | M] () -- \WINDOWS\AutoKMS\AutoKMS.ini
[2014.01.19 09:33:20 | 000,346,450 | ---- | M] () -- \WINDOWS\AutoKMS\AutoKMS.log
[2014.01.19 09:32:47 | 000,087,490 | ---- | M] () -- \WINDOWS\Prefetch\AUTOKMS.EXE-01C3577A.pf
[2014.01.19 09:33:24 | 000,000,282 | ---- | M] () -- \WINDOWS\Tasks\AutoKMS.job

< *activator* /s >

< *serial* /s >
[2004.08.17 14:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2007.07.06 11:44:06 | 000,000,513 | ---- | M] () -- \Program Files\Huawei PC Suite\plugins\ConnectionWizardPlugin\SerialCable.png
[2013.09.13 00:53:56 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.10.10 10:41:29 | 001,164,288 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009.05.14 22:01:13 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2007.10.09 21:08:40 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.05.14 22:17:01 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.10.10 10:55:20 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2009.05.14 22:17:12 | 000,090,112 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2013.01.11 01:35:17 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.08.15 15:47:39 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.15 14:12:05 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2008.03.05 09:34:43 | 000,013,972 | ---- | M] () -- \WINDOWS\inf\SocketSerialBT.PNF
[2004.10.25 23:11:58 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.09.10 16:46:28 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2004.08.18 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[8 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2004.08.18 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[1 \WINDOWS\system32\drivers\*.tmp files -> \WINDOWS\system32\drivers\*.tmp -> ]

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2

< End of report >

[Allkor]

Extras.txt

OTL Extras logfile created on: 19.1.2014 9:42:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ivana\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1014,36 Mb Total Physical Memory | 253,35 Mb Available Physical Memory | 24,98% Memory free
2,38 Gb Paging File | 1,72 Gb Available in Paging File | 72,23% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111,78 Gb Total Space | 36,04 Gb Free Space | 32,24% Space Free | Partition Type: NTFS

Computer Name: IVANA | User Name: Ivana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"12303:TCP" = 12303:TCP:*:Enabled:port
"20646:TCP" = 20646:TCP:*:Enabled:port
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"%windir%\explorer.exe" = %windir%\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\SMART Technologies\Education Software\UCGui.exe" = C:\Program Files\SMART Technologies\Education Software\UCGui.exe:*:Enabled:SMART Universal Controller Interface -- (SMART Technologies ULC)
"C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe" = C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe:*:Enabled:SMART SNMPAgent -- (SMART Technologies ULC)
"C:\Program Files\SMART Technologies\Education Software\UCService.exe" = C:\Program Files\SMART Technologies\Education Software\UCService.exe:*:Enabled:SMART Display Controller Service -- (SMART Technologies ULC)
"C:\Program Files\SMART Technologies\Education Software\VantageService.exe" = C:\Program Files\SMART Technologies\Education Software\VantageService.exe:*:Enabled:SMART Vantage Service -- (SMART Technologies ULC)
"C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe" = C:\Program Files\SMART Technologies\Education Software\ResponseSoftwareService.exe:*:Enabled:SMART Response Software Service -- (SMART Technologies)
"C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe" = C:\Program Files\SMART Technologies\Education Software\SMARTSyncTeacher.exe:*:Enabled:SMART Sync Software Teacher Application -- (SMART Technologies ULC.)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe" = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath -- (Skype Technologies S.A.)
"D:\EasySetupAssistant\wr741n\EasySetupAssistant.exe" = D:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5DD7A3-BE29-430C-970B-C553F4A58C39}" = SMART Common Platform
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 22
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{31383A1D-FAE6-435A-9DBD-FDB61C7C8EC9}" = Ulead Photo Express 5 SE
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3ABF6865-E84E-4DAB-B730-0EB9E8F37EB1}" = SMART Response Software
"{434890AA-2E4F-48B6-8417-6E1AB735F55F}" = Trust WB-1200p Mini Webcam
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4B2767BD-9445-4A0C-BB8A-6B8350181B46}" = RUNAWAY - A road adventure
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{588D1BAB-FB96-496C-A1E2-D928C80D49FD}" = Pytlík plný slov
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65F93E53-1BF8-42CC-B34E-ADE8F38A5DDD}" = SMART Czech Language Pack
"{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}" = SMART Product Drivers
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D81615E-B150-488B-90CA-1159E2113BE3}" = SMART Sync Teacher
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E0363CCC-3535-4BAA-9F2C-200F548675D6}" = TuneUp Utilities Language Pack (cs-CZ)
"{E34E9B33-46EC-4252-A52F-DDA3978CC0AF}" = Syberia
"{EA2E8D6D-EE50-4689-B7ED-1E580BC04CC1}" = MiraScan 6.1 (5000)
"{ED0FF410-41B9-441F-B457-4AC81782E8BF}" = SMART Notebook
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AnyDVD" = AnyDVD
"Around The World in 80 Days" = Around The World in 80 Days
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"Cradle Of Rome_is1" = Cradle Of Rome
"Defraggler" = Defraggler
"Diktáty_is1" = Diktáty beta version 1.0.7.0
"DriverTools" = DriverTools 1.0
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink_is1" = DVD Shrink 3.2
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Flaps for Windows" = Flaps for Windows
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HD Tune_is1" = HD Tune 2.55
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{434890AA-2E4F-48B6-8417-6E1AB735F55F}" = Trust WB-1200p Mini Webcam
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Intelli-studio" = SAMSUNG Intelli-studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.3.0 Full
"Luxor: Amun Rising" = Luxor: Amun Rising
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"PC Suite" = PC Suite
"Peggle Deluxe 1.0" = Peggle Deluxe 1.0
"Polda III_is1" = Polda III
"Polda_is1" = Polda
"Posel smrti_is1" = Posel smrti 1.2
"Revo Uninstaller" = Revo Uninstaller 1.95
"Samsung_SMP4" = Samsung Video Codec 1.1 Uninstall
"SamsungCamCorderDriver" = Samsung CamCorder Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Treasures Of Montezuma 2" = The Treasures Of Montezuma 2
"Totalcmd" = Total Commander (Remove or Repair)
"VirtualCloneDrive" = VirtualCloneDrive
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.1.2014 21:37:14 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 9.1.2014 11:55:43 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 10.1.2014 11:40:05 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 10.1.2014 19:24:19 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 11.1.2014 13:32:44 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 12.1.2014 17:12:09 | Computer Name = IVANA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 26.0.0.5087, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.1.2014 21:12:25 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 18.1.2014 6:35:00 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 18.1.2014 10:46:41 | Computer Name = IVANA | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =

Error - 18.1.2014 19:49:42 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

[ Application Events ]
Error - 7.1.2014 21:37:14 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 9.1.2014 11:55:43 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 10.1.2014 11:40:05 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 10.1.2014 19:24:19 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 11.1.2014 13:32:44 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 12.1.2014 17:12:09 | Computer Name = IVANA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 26.0.0.5087, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.1.2014 21:12:25 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 18.1.2014 6:35:00 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 18.1.2014 10:46:41 | Computer Name = IVANA | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description =

Error - 18.1.2014 19:49:42 | Computer Name = IVANA | Source = MsiInstaller | ID = 1024
Description = Aktualizaci {411EDCF7-755D-414E-A74B-3DCD6583F589} produktu Microsoft
.NET Framework 1.1 nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba
systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení
potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

[ System Events ]
Error - 18.1.2014 6:35:32 | Computer Name = IVANA | Source = Service Control Manager | ID = 7034
Description = Služba TuneUp Program Statistics Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 18.1.2014 6:35:32 | Computer Name = IVANA | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.

Error - 18.1.2014 6:36:33 | Computer Name = IVANA | Source = Service Control Manager | ID = 7031
Description = Služba SMART Display Controller byla nečekaně ukončena. Stalo se to
2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat
službu.

Error - 18.1.2014 6:36:33 | Computer Name = IVANA | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.

Error - 18.1.2014 6:39:13 | Computer Name = IVANA | Source = Service Control Manager | ID = 7000
Description = Služba XAudioService neuspěla při spuštění v důsledku následující
chyby: %%193

Error - 18.1.2014 10:45:44 | Computer Name = IVANA | Source = Service Control Manager | ID = 7000
Description = Služba XAudioService neuspěla při spuštění v důsledku následující
chyby: %%193

Error - 18.1.2014 11:36:14 | Computer Name = IVANA | Source = Service Control Manager | ID = 7000
Description = Služba XAudioService neuspěla při spuštění v důsledku následující
chyby: %%193

Error - 18.1.2014 18:45:37 | Computer Name = IVANA | Source = Service Control Manager | ID = 7000
Description = Služba XAudioService neuspěla při spuštění v důsledku následující
chyby: %%193

Error - 18.1.2014 19:49:43 | Computer Name = IVANA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x80070643): Aktualizace Service Pack 1 pro Microsoft .NET Framework
1.1.

Error - 19.1.2014 4:31:33 | Computer Name = IVANA | Source = Service Control Manager | ID = 7000
Description = Služba XAudioService neuspěla při spuštění v důsledku následující
chyby: %%193

[ TuneUp Events ]
Error - 18.1.2014 10:45:47 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 15:45:47', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamscheduler.exe','1532',0)

Error - 18.1.2014 10:45:47 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 15:45:47', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','772',0)

Error - 18.1.2014 10:45:47 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 15:45:47', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamgui.exe','1004',0)

Error - 18.1.2014 10:45:47 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 15:45:47', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamgui.exe','2768',0)

Error - 18.1.2014 10:48:28 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 15:48:28', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbam.exe','616',0)

Error - 18.1.2014 11:36:14 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 16:36:14', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamscheduler.exe','1360',0)

Error - 18.1.2014 11:36:14 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 16:36:14', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','288',0)

Error - 18.1.2014 18:45:38 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 23:45:38', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamscheduler.exe','304',0)

Error - 18.1.2014 18:45:38 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-18 23:45:38', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamservice.exe','628',0)

Error - 19.1.2014 4:31:34 | Computer Name = IVANA | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2014-01-19 09:31:34', '\device\harddiskvolume1\program
files\malwarebytes' anti-malware\mbamscheduler.exe','1036',0)


< End of report >

[Márty84]

Pozor na pouzivani TuneUp. Tento soft bohuzel dokaze obcas pekne naborit system.


Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
TuneUp.ProgramStatisticsSvc
UxTuneUp
gupdate1c9910644add3e6
gusvc
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem
TuneUp.Defrag

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_IVANA_Ivana.job

:otl
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\SearchScopes\{DCEEE5B5-D0C0-4C55-A940-9BBDBD1B091B}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=^A17&apn_dtid=^YYYYYY^YY^CZ&apn_uid=78eca578-9407-44a5-876c-9bb9aa94ae4a&apn_sauid=EA852F0F-B16B-4781-A7BF-97C5576199F1
O3 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\S-1-5-21-1292428093-583907252-839522115-1004\..\Toolbar\WebBrowser: (no name) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No CLSID value found.
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
[2008.03.16 18:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ivana\Data aplikací\ICQ Toolbar
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[54 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[8 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[5 C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\temp\*.tmp -> ]
[1 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]
@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
"OfficeSyncProcess"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[Allkor]

Pozor na pouzivani TuneUp. Tento soft bohuzel dokaze obcas pekne naborit system.

Klidně ho smažu, až skončíme. Přišel mi užitečný, ale s tím nejdůležitějším si asi poradí i CCleaner, že.

Tady je ten log z OTL:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.IVANA
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57472 bytes

User: Ivana
->Temp folder emptied: 1116268248 bytes
->Temporary Internet Files folder emptied: 12615933 bytes
->Java cache emptied: 3929437 bytes
->FireFox cache emptied: 70157281 bytes
->Google Chrome cache emptied: 6811205 bytes
->Opera cache emptied: 166859 bytes
->Flash cache emptied: 380376 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 9906124 bytes

User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 4470216 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 8944 bytes
Windows Temp folder emptied: 29575008 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1540910958 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34306 bytes
RecycleBin emptied: 1676536 bytes

Total Files Cleaned = 2 668,00 mb


[EMPTYFLASH]

User: Administrator

User: Administrator.IVANA
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Ivana
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service TuneUp.ProgramStatisticsSvc stopped successfully!
Service TuneUp.ProgramStatisticsSvc deleted successfully!
Service UxTuneUp stopped successfully!
Service UxTuneUp deleted successfully!
Service gupdate1c9910644add3e6 stopped successfully!
Service gupdate1c9910644add3e6 deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service TuneUp.Defrag stopped successfully!
Service TuneUp.Defrag deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\1-Click Maintenance.job moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\Google Software Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\{D34F18B0-576E-11D0-B28C-00C04FD7CD22}_IVANA_Ivana.job moved successfully.
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{DCEEE5B5-D0C0-4C55-A940-9BBDBD1B091B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DCEEE5B5-D0C0-4C55-A940-9BBDBD1B091B}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-583907252-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
C:\Documents and Settings\Ivana\Data aplikací\ICQ Toolbar folder moved successfully.
C:\WINDOWS\AppPatch\SETD81.tmp deleted successfully.
C:\WINDOWS\AppPatch\SETD82.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP131.tmp\Microsoft.Office.InfoPath.Client.Internal.Host.Interop.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP131.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17CE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP18.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B6.tmp\Microsoft.Office.Interop.InfoPath.SemiTrust.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1BC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E1.tmp\System.Web.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP252.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B4E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C3F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C57.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C6D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DBF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP31C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP320F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3267.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP33.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP336A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP376.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C7A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP426.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP429.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4FC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP51.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5510.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP78.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPDE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFA.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI143.tmp deleted successfully.
C:\WINDOWS\Installer\MSI145.tmp deleted successfully.
C:\WINDOWS\Installer\MSI149.tmp deleted successfully.
C:\WINDOWS\Installer\MSI16B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI17.tmp deleted successfully.
C:\WINDOWS\Installer\MSI325.tmp deleted successfully.
C:\WINDOWS\Installer\MSI3A0.tmp deleted successfully.
C:\WINDOWS\Installer\MSI6D.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9C.tmp deleted successfully.
C:\WINDOWS\Installer\MSIC.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01192014_113536

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Klidně ho smažu, až skončíme. Přišel mi užitečný, ale s tím nejdůležitějším si asi poradí i CCleaner, že.

Uzitecny je, ale bohuzel obcas udela neco, co nema a pak muze byt zle. A ano, CCleaner je dostacujici a prozatim bezpecny

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[Allkor]

Uklizeno, TuneUp je taky fuč. Až bude příště čas, vymažu další nepotřebné programy atd. A hned teď doinstaluju Firewall, až dnes jsem si všimla, že tu není

Pak napiste, jak je na tom pc.

Zase... já to moc neposoudím, ale mamka už včera večer byla nadšená, že je prý notebook mnohem mnohem rychlejší, takže paráda Jestli to bude všechno, tak ještě jednou moc děkuju... hlavně, že to šlo tak rychle, za hodinu zase odjíždím a jsem fak ráda, že jsme to stihli.

[Márty84]

Jen aby ho umeli pouzivat. Ten systemovy firewall je na XP sice temer k nicemu, ale zas kdyz nebudou vedet co s nim, je nekdy lepsi ho nemit vubec


Ja to samozrejme taky neposoudim, kdyz nevim jak bezel predtim, ani ted Podle logu to vypada v poradku, takze pokud je mamka spokojena, myslim, ze neni treba dalsi skeny. A navic stejne uz nemate cas

Cili navrhuji to uzavrit, no a kdyby neco neslo, bud tema znovu otevreme (napsala byste mail - adresa v podpisu), nebo zalozite nove tema. OK?

[Allkor]

Cili navrhuji to uzavrit, no a kdyby neco neslo, bud tema znovu otevreme (napsala byste mail - adresa v podpisu), nebo zalozite nove tema. OK?

Jasně, naprosto souhlasím. Tahle údržba opravdu hodně pomohla, díky

[Márty84]

To mam radost

Nemate vubec zac!

Mejte se krasne a treba zase nekdy