PC and Opera freezing

xzoom
Visitor
Posts: 53
Registered: 04 Oct 2014 12:21

PC and Opera freezing

#1 Post by xzoom »

Hello, could you please check this RSIT log? Márty84 helped me a great deal with my laptop, but the PC at home needs the same treatment. Thanks :)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel Fousek at 2014-10-10 13:12:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 341 GB (71%) free of 477 GB
Total RAM: 1023 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:13:26, on 10.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\program files\hp\hp software update\hpwuschd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Documents and Settings\Pavel Fousek\Plocha\RSIT.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\Opera\24.0.1558.64\opera_crashreporter.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\trend micro\Pavel Fousek.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
O2 - BHO: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] c:\program files\hp\hp software update\hpwuschd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microso ... 5672738093
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7297 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\At1.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\At2.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\At3.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\At4.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cedd8ebfb017aa.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1396816703.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\SmartDefragUpdate.job - C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe /autorun
C:\WINDOWS\tasks\SmartDefrag_Startup.job - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe /STARTUP
C:\WINDOWS\tasks\User_Feed_Synchronization-{3A804BB1-D929-43AE-9F42-DB9AC2D60E77}.job - C:\WINDOWS\system32\msfeedssync.exe sync

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-02 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-09 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"HP Software Update"=c:\program files\hp\hp software update\hpwuschd2.exe [2007-03-11 49152]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2000-01-01 20143688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
c:\program files\logitech\logitech webcam software\lws.exe [2009-10-14 2793304]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Vid HD\Vid.exe"="C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 3 months======

2014-10-10 10:38:14 ----D---- C:\rsit
2014-10-10 10:38:14 ----D---- C:\Program Files\trend micro
2014-10-10 09:40:38 ----A---- C:\WINDOWS\wininit.ini
2014-09-12 21:38:53 ----D---- C:\641e51b663e5a9d3a5d66fb418
2014-09-09 07:06:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-22 04:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Systweak
2014-08-22 04:28:05 ----D---- C:\Documents and Settings\Pavel Fousek\Data aplikací\ASP
2014-08-22 04:27:47 ----A---- C:\WINDOWS\system32\roboot.exe
2014-08-22 04:27:36 ----D---- C:\Documents and Settings\Pavel Fousek\Data aplikací\systweak
2014-08-22 04:26:59 ----D---- C:\Program Files\pazera-software

======List of files/folders modified in the last 3 months======

2014-10-10 13:13:21 ----D---- C:\WINDOWS\temp
2014-10-10 13:13:16 ----D---- C:\WINDOWS\Prefetch
2014-10-10 12:05:50 ----SD---- C:\WINDOWS\Tasks
2014-10-10 12:04:27 ----D---- C:\WINDOWS\system32
2014-10-10 12:04:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2014-10-10 11:00:10 ----A---- C:\Documents and Settings\Pavel Fousek\Data aplikací\siw_sdk.dll
2014-10-10 10:38:14 ----D---- C:\Program Files
2014-10-10 09:59:46 ----D---- C:\Documents and Settings
2014-10-10 09:50:17 ----SHD---- C:\WINDOWS\Installer
2014-10-10 09:50:17 ----D---- C:\Config.Msi
2014-10-10 09:46:34 ----D---- C:\WINDOWS\system32\drivers
2014-10-10 09:42:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-10-10 09:42:07 ----D---- C:\Program Files\IObit
2014-10-10 09:40:38 ----D---- C:\WINDOWS
2014-10-10 09:29:36 ----A---- C:\WINDOWS\NeroDigital.ini
2014-10-10 09:00:05 ----D---- C:\WINDOWS\system32\CatRoot2
2014-10-09 13:25:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-09-27 10:56:48 ----D---- C:\Program Files\Opera
2014-09-24 14:51:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-19 10:16:08 ----D---- C:\WINDOWS\SoftwareDistribution
2014-09-19 10:14:52 ----D---- C:\WINDOWS\Debug
2014-09-18 20:59:31 ----D---- C:\WINDOWS\system32\config
2014-09-12 21:39:09 ----D---- C:\WINDOWS\system32\MRT
2014-09-12 21:38:59 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-14 17:43:42 ----HD---- C:\WINDOWS\inf
2014-08-05 09:20:02 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-02 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-02 192352]
R0 giveio;giveio; C:\WINDOWS\system32\drivers\giveio.sys [1996-04-03 5248]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-07-02 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-02 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-04 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-07-02 57800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-02 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-02 67824]
R2 RtNdPt5x;Realtek NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\RtNdPt5x.sys [2008-07-09 22016]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2014-02-22 5630168]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2014-02-22 415832]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2014-02-22 1691480]
S3 bkpkwsdd;bkpkwsdd; C:\WINDOWS\system32\drivers\bkpkwsdd.sys [2013-11-09 403440]
S3 catchme;catchme; C:\WINDOWS\system32\drivers\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2004-09-15 8576]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2014-02-22 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-27 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2009-05-01 495768]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features; C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS [2009-10-12 29440]
S3 RTLVLAN;Realtek VLAN Intermediate Driver; C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS [2009-02-16 17536]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2014-02-22 13464]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; C:\WINDOWS\system32\drivers\TuneUpUtilitiesDrv.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys []
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys []
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys []
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys []
S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys []
S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2000-01-01 7424]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-02 50344]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-11-09 182696]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2012-09-23 164200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: PC and Opera freezing

#2 Post by Márty84 »

:arrow: Turn off Windows Defender permanently.

:arrow: If it is still on the PC, uninstall Spybot - Search & Destroy 2 and also everything from IObit.

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and wait for the check to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

:arrow: Run a !!!full!!! scan with MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (you must download version 1.75, decline the upgrade and update only the virus database) and post the results here. Do not delete anything beforehand; it sometimes has false detections. Instructions here: http://forum.viry.cz/viewtopic.php?f=29&t=115222

xzoom
Visitor
Posts: 53
Registered: 04 Oct 2014 12:21

Re: PC and Opera freezing

#3 Post by xzoom »

And how do I turn off Windows Defender? I couldn't find it in the Control Panel.

xzoom
Visitor
Posts: 53
Registered: 04 Oct 2014 12:21

Re: PC and Opera freezing

#4 Post by xzoom »

# AdwCleaner v3.311 - Report created 10/10/2014 at 19:29:05
# Updated 30/09/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Pavel Fousek - PAVEL-1B83964B5
# Running from : C:\Documents and Settings\Pavel Fousek\Plocha\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Systweak
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Documents and Settings\All Users\Uniblue
Folder Deleted : C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\ConduitEngine
Folder Deleted : C:\Documents and Settings\Pavel Fousek\Data aplikací\ASP
Folder Deleted : C:\Documents and Settings\Pavel Fousek\Data aplikací\dvdvideosoftiehelpers
Folder Deleted : C:\Documents and Settings\Pavel Fousek\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\Pavel Fousek\Data aplikací\Systweak
File Deleted : C:\WINDOWS\system32\roboot.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\conduitEngine
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v37.0.2062.124

[ File : C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6261 octets] - [10/10/2014 19:26:08]
AdwCleaner[S0].txt - [6234 octets] - [10/10/2014 19:29:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6294 octets] ##########

xzoom
Visitor
Posts: 53
Joined: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#5 Post by xzoom »

In the end I managed to turn Windows Defender off using msconfig.

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing PC and Opera

#6 Post by Márty84 »

Fine, now just the MBAM scan as well.
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

xzoom
Visitor
Posts: 53
Joined: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#7 Post by xzoom »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.10.10.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Pavel Fousek :: PAVEL-1B83964B5 [administrátor]

10.10.2014 19:48:09
MBAM-log-2014-10-10 (22-10-20).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 453110
Uplynulý čas: 1 hodin, 31 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 7
C:\System Volume Information\_restore{195676D6-3BCE-4190-AB26-89BE3D98901C}\RP772\A0125154.exe (PUP.Optional.Unizeto) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{195676D6-3BCE-4190-AB26-89BE3D98901C}\RP820\A0136736.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{195676D6-3BCE-4190-AB26-89BE3D98901C}\RP820\A0136743.dll (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\170c773.msi (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\WINDOWS\Installer\40e6a5.msi (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\WidgiHelper.exe.vir (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\IObit Apps Toolbar\IE\8.1\iobitappsToolbarIE.dll.vir (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing PC and Opera

#8 Post by Márty84 »

:!: Follow these steps in exactly this order.
1) Do not close MBAM, just minimize it.
2) Delete/turn off the creation of restore points http://forum.viry.cz/viewtopic.php?f=46&t=47040 , but do not restart the PC.
3) Now let MBAM remove its findings and restart the PC.
4) Repeat the MBAM scan and post its result, and I will choose the next steps accordingly.

If it comes back clean, turn restore point creation back on, so that we don't forget about it later.

xzoom
Visitor
Posts: 53
Joined: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#9 Post by xzoom »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.10.10.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Pavel Fousek :: PAVEL-1B83964B5 [administrátor]

10.10.2014 22:56:40
mbam-log-2014-10-10 (22-56-40).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 425382
Uplynulý čas: 1 hodin, 13 minut, 12 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Freezing PC and Opera

#10 Post by Márty84 »

:arrow: Uninstall MBAM.


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it. The result will be displayed after a moment.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste what gets copied (it is stored in the clipboard) here (Ctrl + V).


:arrow: Post a new RSIT log.


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Otevřít normálně (Open normally).
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the checkboxes Pro všechny uživatele (All Users), Kontrola na havěť "LOP" (LOP Check) and Kontrola na havěť "Purity" (Purity Check).
Paste the following text into the bottom window:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Run Scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); post both here (if they are long, split them into several posts).

xzoom
Visitor
Posts: 53
Joined: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#11 Post by xzoom »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Professional SP3 [5.1 Build 2600] (x86)
Date : 2014/10/11 0:25:34

-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801GB/GR/GH (ICH7 Family) Serial ATA Storage Controller - 27C0 [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVDRAM GSA-H12N
+ Sekundární kanál IDE (1)
- WDC WD5000AAKS-00A7B2

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKS-00A7B2 : 500,1 GB [0/1/1, pd1]

----------------------------------------------------------------------------
(1) WDC WD5000AAKS-00A7B2
----------------------------------------------------------------------------
Model : WDC WD5000AAKS-00A7B2
Firmware : 01.03B01
Serial Number : WD-WCASZ0835502
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976771055
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 19706 hod.
Power On Count : 3355 krát
Temparature : 39 C (102 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 198 197 _51 00000000133C Počet chyb čtení
03 166 160 _21 00000000125C Čas na roztočení ploten
04 _97 _97 __0 000000000D2F Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _74 _74 __0 000000004CFA Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000D1B Počet cyklů zapnutí zařízení
C0 199 199 __0 000000000441 Počet vypnutí disku
C1 199 199 __0 000000000D2F Počet cyklů načítání/vymazání
C2 108 _96 __0 000000000027 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 199 199 __0 000000000063 Počet podezřelých sektorů
C6 199 199 __0 000000000065 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000007 Počet chyb při zápisu sektorů


xzoom
Visitor
Posts: 53
Joined: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#12 Post by xzoom »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel Fousek at 2014-10-11 00:27:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 362 GB (76%) free of 477 GB
Total RAM: 1023 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:27:36, on 11.10.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\program files\hp\hp software update\hpwuschd2.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\Opera\24.0.1558.64\opera_crashreporter.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Program Files\Opera\24.0.1558.64\opera.exe
C:\Documents and Settings\Pavel Fousek\Plocha\RSIT.exe
C:\Program Files\trend micro\Pavel Fousek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] c:\program files\hp\hp software update\hpwuschd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microso ... 5672738093
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7222 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\At1.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\At2.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\At3.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\At4.job - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe /UA 9.5 /DDV 0x0900"
C:\WINDOWS\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cedd8ebfb017aa.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -RestrictPrivileges
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Opera scheduled Autoupdate 1396816703.job - C:\Program Files\Opera\launcher.exe --scheduledautoupdate
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\SmartDefragUpdate.job - C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe /autorun
C:\WINDOWS\tasks\SmartDefrag_Startup.job - C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe /STARTUP
C:\WINDOWS\tasks\User_Feed_Synchronization-{3A804BB1-D929-43AE-9F42-DB9AC2D60E77}.job - C:\WINDOWS\system32\msfeedssync.exe sync

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-02 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-09-16 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-09 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-31 4085896]
"HP Software Update"=c:\program files\hp\hp software update\hpwuschd2.exe [2007-03-11 49152]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2000-01-01 20143688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
c:\program files\logitech\logitech webcam software\lws.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinDefend"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Vid HD\Vid.exe"="C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 3 months======

2014-10-10 19:26:06 ----D---- C:\AdwCleaner
2014-10-10 10:38:14 ----D---- C:\rsit
2014-10-10 10:38:14 ----D---- C:\Program Files\trend micro
2014-10-10 09:40:38 ----A---- C:\WINDOWS\wininit.ini
2014-09-12 21:38:53 ----D---- C:\641e51b663e5a9d3a5d66fb418
2014-09-09 07:06:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-22 04:26:59 ----D---- C:\Program Files\pazera-software

======List of files/folders modified in the last 3 months======

2014-10-11 00:25:00 ----D---- C:\WINDOWS\Prefetch
2014-10-11 00:23:43 ----D---- C:\Program Files
2014-10-11 00:23:42 ----D---- C:\WINDOWS\system32\drivers
2014-10-11 00:13:41 ----SHD---- C:\System Volume Information
2014-10-11 00:13:41 ----D---- C:\WINDOWS\system32\Restore
2014-10-10 22:54:41 ----D---- C:\WINDOWS\temp
2014-10-10 22:52:12 ----D---- C:\WINDOWS\system32
2014-10-10 22:52:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2014-10-10 22:50:11 ----D---- C:\WINDOWS\Debug
2014-10-10 22:48:51 ----SHD---- C:\WINDOWS\Installer
2014-10-10 19:36:00 ----RASH---- C:\boot.ini
2014-10-10 19:36:00 ----A---- C:\WINDOWS\win.ini
2014-10-10 19:36:00 ----A---- C:\WINDOWS\system.ini
2014-10-10 19:33:51 ----SD---- C:\WINDOWS\Tasks
2014-10-10 19:31:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\ProductData
2014-10-10 19:29:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-10-10 11:00:10 ----A---- C:\Documents and Settings\Pavel Fousek\Data aplikací\siw_sdk.dll
2014-10-10 09:59:46 ----D---- C:\Documents and Settings
2014-10-10 09:50:17 ----D---- C:\Config.Msi
2014-10-10 09:42:07 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-10-10 09:42:07 ----D---- C:\Program Files\IObit
2014-10-10 09:40:38 ----D---- C:\WINDOWS
2014-10-10 09:29:36 ----A---- C:\WINDOWS\NeroDigital.ini
2014-10-10 09:00:05 ----D---- C:\WINDOWS\system32\CatRoot2
2014-09-27 10:56:48 ----D---- C:\Program Files\Opera
2014-09-24 14:51:20 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-09-19 10:16:08 ----D---- C:\WINDOWS\SoftwareDistribution
2014-09-18 20:59:31 ----D---- C:\WINDOWS\system32\config
2014-09-12 21:39:09 ----D---- C:\WINDOWS\system32\MRT
2014-09-12 21:38:59 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-14 17:43:42 ----HD---- C:\WINDOWS\inf
2014-08-05 09:20:02 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-02 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-02 192352]
R0 giveio;giveio; C:\WINDOWS\system32\drivers\giveio.sys [1996-04-03 5248]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2014-07-02 55112]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-02 779536]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-04 414520]
R1 aswTdi;aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [2014-07-02 57800]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-02 24184]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-02 67824]
R2 RtNdPt5x;Realtek NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\RtNdPt5x.sys [2008-07-09 22016]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2014-02-22 5630168]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2014-02-22 415832]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2014-02-22 1691480]
S3 bkpkwsdd;bkpkwsdd; C:\WINDOWS\system32\drivers\bkpkwsdd.sys [2013-11-09 403440]
S3 catchme;catchme; C:\WINDOWS\system32\drivers\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2004-09-15 8576]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2014-02-22 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-27 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2009-05-01 495768]
S3 RTLTEAMING;Realtek Intermediate Driver for Ethernet Extended Features; C:\WINDOWS\system32\DRIVERS\RTLTEAMING.SYS [2009-10-12 29440]
S3 RTLVLAN;Realtek VLAN Intermediate Driver; C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS [2009-02-16 17536]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-12-08 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-12-08 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-12-08 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-12-08 114280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2014-02-22 13464]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; C:\WINDOWS\system32\drivers\TuneUpUtilitiesDrv.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys []
S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys []
S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys []
S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys []
S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys []
S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2000-01-01 7424]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-02 50344]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-11-09 182696]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-09-16 3273088]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2012-09-23 164200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-11-09 116648]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]

-----------------EOF-----------------

xzoom
Visitor
Posts: 53
Registered: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#13 Post by xzoom »

I already uninstalled everything from IObit as well as Spybot - Search & Destroy yesterday. But some of it still remains on the computer, e.g. folders in Program Files with some files in them. Should I just delete them outright, or what should I do with them? :???:

xzoom
Visitor
Posts: 53
Registered: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#14 Post by xzoom »

OTL logfile created on: 11.10.2014 0:37:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pavel Fousek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 398,43 Mb Available Physical Memory | 38,93% Memory free
2,40 Gb Paging File | 1,72 Gb Available in Paging File | 71,39% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 353,69 Gb Free Space | 75,94% Space Free | Partition Type: NTFS

Computer Name: PAVEL-1B83964B5 | User Name: Pavel Fousek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.10.11 00:35:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel Fousek\Plocha\OTL.exe
PRC - [2014.09.27 10:56:30 | 048,070,776 | ---- | M] (Opera Software) -- C:\Program Files\Opera\24.0.1558.64\opera.exe
PRC - [2014.09.27 10:56:30 | 001,372,280 | ---- | M] () -- C:\Program Files\Opera\24.0.1558.64\opera_crashreporter.exe
PRC - [2014.07.31 15:50:43 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014.07.02 12:23:54 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.11.09 21:05:14 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2014.10.10 09:35:20 | 002,859,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14100901\algo.dll
MOD - [2014.09.27 10:56:30 | 001,372,280 | ---- | M] () -- C:\Program Files\Opera\24.0.1558.64\opera_crashreporter.exe
MOD - [2014.09.27 10:56:28 | 001,378,936 | ---- | M] () -- C:\Program Files\Opera\24.0.1558.64\libGLESv2.dll
MOD - [2014.09.27 10:56:27 | 000,974,968 | ---- | M] () -- C:\Program Files\Opera\24.0.1558.64\ffmpegsumo.dll
MOD - [2014.09.27 10:56:27 | 000,182,392 | ---- | M] () -- C:\Program Files\Opera\24.0.1558.64\libEGL.dll
MOD - [2014.07.02 12:24:03 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.07.02 12:23:57 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (TuneUp.UtilitiesSvc)
SRV - File not found [On_Demand | Stopped] -- -- (TuneUp.Defrag)
SRV - [2014.09.24 14:51:21 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.07.02 12:23:54 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014.05.04 16:37:30 | 002,152,736 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013.11.09 21:05:14 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.09.16 12:29:40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.07.25 08:52:52 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2006.11.03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\w800obex.sys -- (w800obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\w800mgmt.sys -- (w800mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\w800mdm.sys -- (w800mdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\w800mdfl.sys -- (w800mdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\w800bus.sys -- (w800bus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (TuneUpUtilitiesDrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdm.sys -- (k750mdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme)
DRV - [2014.07.04 17:43:56 | 000,414,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsp.sys -- (aswSP)
DRV - [2014.07.02 12:24:08 | 000,779,536 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014.07.02 12:24:08 | 000,192,352 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014.07.02 12:24:08 | 000,057,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014.07.02 12:24:07 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014.07.02 12:24:07 | 000,055,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswrdr.sys -- (aswRdr)
DRV - [2014.07.02 12:24:07 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014.07.02 12:24:07 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014.02.22 21:56:13 | 000,415,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2014.02.22 21:55:03 | 005,630,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2014.02.22 21:55:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2014.02.22 21:54:58 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2014.02.22 16:34:12 | 000,013,464 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2013.11.09 22:55:29 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\bkpkwsdd.sys -- (bkpkwsdd)
DRV - [2011.12.08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.12.08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011.12.08 06:22:26 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011.12.08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2009.10.12 04:10:54 | 000,029,440 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLTEAMING.SYS -- (RTLTEAMING)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.05.01 00:56:30 | 000,495,768 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928)
DRV - [2009.02.16 11:35:06 | 000,017,536 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTLVLAN.SYS -- (RTLVLAN)
DRV - [2008.07.09 08:11:34 | 000,022,016 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\RtNdPt5x.sys -- (RtNdPt5x)
DRV - [2008.04.27 13:19:28 | 000,077,568 | ---- | M] () [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\wudfpf.sys -- (WudfPf)
DRV - [2004.09.15 09:53:26 | 000,008,576 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gmfiltr.sys -- (genmcmn)
DRV - [2004.04.19 07:01:00 | 000,006,656 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gflmouhid.sys -- (genmcmnUSB)
DRV - [2000.01.01 02:00:00 | 000,007,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\whfltr2k.sys -- (whfltr2k)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{1AE940A3-E036-434A-8EAC-5AC26A5B2B74}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{257728FE-037B-42F3-9036-9634DF929908}: "URL" = http://www.mapy.cz/?query={searchTerms} ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{3D8E8087-128D-4E33-AC9D-33EAB38DF2EA}: "URL" = http://encyklopedie.seznam.cz/search?q= ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{456E30CB-12C7-4E91-9AB9-2881612E46C0}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{4CD55FCC-3E19-4F95-A129-1A7283305C9D}: "URL" = http://search.seznam.cz/?q={searchTerms ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{52151096-514F-4269-896D-751481ADFA54}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{7CC40D29-AC05-4F70-9C82-3450DAA8E311}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{C061E52D-63AA-4419-89BC-B7968B5B5DF6}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... ckSearch_5
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\SearchScopes\{E8B53621-6CF8-4BCB-84E7-550E40C79718}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@kb-ext.cz/PKIComponent: C:\Documents and Settings\Pavel Fousek\Data aplikací\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.07.02 12:24:10 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.seznam.cz/?clid=22668
CHR - plugin: Error reading preferences file
CHR - Extension: Docs = C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\

O1 HOSTS File: ([2014.05.02 09:33:05 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\Toolbar\ShellBrowser: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found.
O3 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm File not found
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - Reg Error: Value error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: facebook.com ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: iboys.cz ([new] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: localhost ([]http in Internet)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: meteopress.cz ([radar] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: mojebanka.cz ([etrading] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: mojebanka.cz ([sign] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: mojebanka.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: mojeplatba.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: nova.cz ([voyo] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: sledujto.cz ([www] https in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1614895754-113007714-1417001333-1003\..Trusted Domains: tube8.com ([www] https in Důvěryhodné servery)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 5672738093 (Reg Error: Value error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BF1C4C9-9101-477B-9FDB-F176D524FA96}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - File not found
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.04.12 19:02:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - C:\WINDOWS\System32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - xvidvfw.dll File not found
Drivers32: VIDC.YV12 - xvidvfw.dll File not found
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.10.11 00:35:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel Fousek\Plocha\OTL.exe
[2014.10.10 19:26:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.10.10 10:38:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.10 10:38:14 | 000,000,000 | ---D | C] -- C:\rsit
[2014.09.12 21:38:53 | 000,000,000 | ---D | C] -- C:\641e51b663e5a9d3a5d66fb418
[2014.02.22 22:28:11 | 001,178,624 | ---- | C] (CPUID) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\siw_sdk.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.02.16 09:44:29 | 000,000,480 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{3A804BB1-D929-43AE-9F42-DB9AC2D60E77}.job
[2014.10.11 00:46:48 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.10.11 00:40:45 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.10.11 00:39:36 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.10.11 00:35:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel Fousek\Plocha\OTL.exe
[2014.10.11 00:34:09 | 001,790,310 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.10.11 00:34:09 | 000,685,336 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.10.11 00:34:09 | 000,002,804 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.10.11 00:34:09 | 000,000,268 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.10.11 00:32:48 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\Opera scheduled Autoupdate 1396816703.job
[2014.10.11 00:32:45 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cedd8ebfb017aa.job
[2014.10.11 00:32:45 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.10.11 00:32:42 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefragUpdate.job
[2014.10.11 00:32:41 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag_Startup.job
[2014.10.11 00:32:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.10.11 00:24:37 | 001,496,172 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\CrystalDiskInfo5_0_0.zip
[2014.10.10 23:51:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.10.10 20:57:08 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2014.10.10 20:40:11 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2014.10.10 19:36:00 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2014.10.10 19:33:52 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2014.10.10 19:17:51 | 001,375,089 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\adwcleaner_3.311.exe
[2014.10.10 14:00:02 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2014.10.10 11:00:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.10.10 11:00:10 | 001,178,624 | ---- | M] (CPUID) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\siw_sdk.dll
[2014.10.10 10:37:14 | 001,107,968 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\RSIT.exe
[2014.10.10 10:13:43 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\MP3 z Free YouTube.lnk
[2014.10.10 10:11:59 | 000,000,628 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\DADA PROTŘÍDIT!!!!.lnk
[2014.10.10 10:11:59 | 000,000,559 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\RADEK.lnk
[2014.10.10 10:11:59 | 000,000,558 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\DÁŠA.lnk
[2014.10.10 10:11:59 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\PAJA.lnk
[2014.10.10 10:11:59 | 000,000,554 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Plocha\DADA.lnk
[2014.10.10 10:10:02 | 000,000,462 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2014.10.10 09:40:49 | 000,000,079 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014.10.10 09:29:36 | 000,000,110 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\default.pls
[2014.10.10 09:29:36 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2014.10.08 15:00:03 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.09.24 14:51:20 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2014.09.24 14:51:20 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.10.11 00:40:45 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.10.11 00:24:30 | 001,496,172 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\CrystalDiskInfo5_0_0.zip
[2014.10.10 19:17:49 | 001,375,089 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\adwcleaner_3.311.exe
[2014.10.10 10:37:13 | 001,107,968 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\RSIT.exe
[2014.10.10 10:13:43 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\MP3 z Free YouTube.lnk
[2014.10.10 10:11:59 | 000,000,628 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\DADA PROTŘÍDIT!!!!.lnk
[2014.10.10 10:11:59 | 000,000,559 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\RADEK.lnk
[2014.10.10 10:11:59 | 000,000,558 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\DÁŠA.lnk
[2014.10.10 10:11:59 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\PAJA.lnk
[2014.10.10 10:11:59 | 000,000,554 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Plocha\DADA.lnk
[2014.10.10 09:40:38 | 000,000,079 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014.06.19 11:52:42 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\temp.ini
[2014.04.19 20:34:12 | 000,024,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
[2013.11.09 22:59:16 | 000,192,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.11.09 22:59:15 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.08.01 16:35:49 | 000,000,551 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\AutoGK.ini
[2013.07.27 12:24:15 | 000,157,437 | ---- | C] () -- C:\WINDOWS\hpoins14.dat
[2013.07.27 12:24:15 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat
[2013.07.27 12:15:50 | 000,000,034 | ---- | C] () -- C:\WINDOWS\AvastEmUpdate.ini
[2013.07.27 11:25:10 | 000,119,372 | ---- | C] () -- C:\WINDOWS\hpqins00.dat.temp
[2013.07.27 11:08:03 | 000,158,074 | ---- | C] () -- C:\WINDOWS\hpoins14.dat.temp
[2013.07.27 11:08:03 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat.temp
[2013.06.28 08:30:28 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.26 20:35:18 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.26 20:35:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.04.29 14:19:28 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\whfltr2k.sys
[2013.04.29 12:54:04 | 000,026,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2013.04.12 22:35:54 | 000,119,372 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2013.02.08 05:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2013.01.06 21:55:25 | 000,000,057 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Ament.ini
[2012.12.26 15:45:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.12.26 15:45:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.12.26 15:45:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.12.26 15:45:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.12.26 15:45:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.07.03 12:07:38 | 000,000,936 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SRDownloader.nast
[2011.04.24 18:49:52 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLev.DAT
[2011.04.24 18:49:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Piano Hard
[2011.04.24 18:49:51 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLes.DAT
[2011.04.24 18:49:50 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLet.DAT
[2011.04.24 18:49:50 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Phaser
[2011.04.24 18:36:06 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Data aplikací\PKP_DLdu.DAT
[2011.04.24 18:36:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\PDEs
[2011.01.30 01:34:56 | 000,000,173 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\msmathematics.qat.Pavel Fousek
[2010.09.28 14:22:09 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\fusioncache.dat
[2010.09.18 10:39:27 | 000,240,640 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.08.17 12:27:13 | 000,006,435 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\intlname.ols
[2010.05.30 17:44:16 | 000,000,110 | ---- | C] () -- C:\Documents and Settings\Pavel Fousek\default.pls

========== ZeroAccess Check ==========

[2010.08.28 15:40:54 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 10:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 10:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.06.21 11:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Activ Software
[2010.04.15 16:12:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2011.10.21 12:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Avanquest
[2013.11.09 22:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.10.21 12:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BVRP Software
[2013.02.05 23:33:08 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.04.24 18:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnterNHelp
[2011.07.04 00:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Guitar Pro 6
[2014.10.10 19:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2014.02.22 21:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2013.02.11 21:10:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.02.16 23:19:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
[2012.05.19 23:00:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nikon
[2014.10.10 19:31:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ProductData
[2012.03.25 23:32:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2011.02.20 17:02:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SSScanAppDataDir
[2011.02.14 16:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.12.11 17:14:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2011.04.24 18:49:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ultima_T15
[2013.01.06 21:58:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Visan
[2011.07.08 16:56:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{00BAB1C5-D99B-4EF4-B1D6-1DEB5DA070DA}
[2011.02.06 16:23:48 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.12.11 17:11:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2014.02.28 16:38:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
[2011.02.06 16:33:35 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{55A29068-F2CE-456C-9148-C869879E2357}
[2013.02.11 18:21:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2010.04.15 17:22:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.12.18 17:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2011.07.02 22:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\AnvSoft
[2013.11.09 23:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\AVAST Software
[2012.08.11 16:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoft
[2011.07.09 21:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Guitar Pro 6
[2013.02.04 19:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\HellSpy.cz Download Manager
[2012.06.12 15:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\ICQ
[2014.06.17 02:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit
[2013.01.13 20:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit Apps
[2013.10.26 11:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\KB-ext
[2011.02.14 16:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\langmaster.sz
[2010.09.17 17:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Leadertech
[2011.04.24 19:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Nikon
[2014.04.06 21:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Opera
[2014.04.06 22:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Opera Software
[2014.06.17 02:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\ProductData
[2012.03.25 23:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Samsung
[2013.02.15 11:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz
[2010.11.17 15:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Simple Star
[2011.05.27 15:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Sony
[2011.05.27 15:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Sony Setup
[2010.05.16 19:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Teleca
[2011.12.11 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\TuneUp Software
[2010.09.28 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Windows Search
[2010.11.20 21:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\YCanPDF

========== Purity Check ==========



========== Custom Scans ==========

< >
[2010.04.12 18:59:50 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.04.12 19:06:17 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.04.26 00:21:02 | 000,000,480 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{3A804BB1-D929-43AE-9F42-DB9AC2D60E77}.job
[2011.03.04 17:00:59 | 000,000,294 | ---- | C] () -- C:\WINDOWS\Tasks\SmartDefrag_Startup.job
[2013.01.06 21:57:42 | 000,000,462 | ---- | C] () -- C:\WINDOWS\Tasks\At1.job
[2013.01.06 21:57:42 | 000,000,462 | ---- | C] () -- C:\WINDOWS\Tasks\At2.job
[2013.01.06 21:57:42 | 000,000,462 | ---- | C] () -- C:\WINDOWS\Tasks\At3.job
[2013.01.06 21:57:43 | 000,000,462 | ---- | C] () -- C:\WINDOWS\Tasks\At4.job
[2013.01.14 00:01:55 | 000,000,292 | ---- | C] () -- C:\WINDOWS\Tasks\SmartDefragUpdate.job
[2013.04.14 19:04:59 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.04.14 19:05:41 | 000,000,952 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.07.03 20:53:31 | 000,000,330 | -H-- | C] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2013.11.09 23:00:41 | 000,000,948 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cedd8ebfb017aa.job
[2014.02.16 00:12:49 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2014.03.09 22:10:00 | 000,000,230 | ---- | C] () -- C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.09 22:10:01 | 000,000,236 | ---- | C] () -- C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.06.14 13:44:48 | 000,000,404 | ---- | C] () -- C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1396816703.job

< >

< MD5 for: AGP440.SYS >
[2008.04.27 12:22:26 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.27 12:22:26 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 02:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\i386\AUTOCHK.EXE
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 10:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110304T134912343750\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110304T141836265625\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110306T152652125000\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110306T154115875000\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110613T160019734375\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130429T102035578125\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130429T102438359375\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130429T120449859375\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130703T210741687500\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130727T100000390625\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20140222T143522484375\gencdrom\cdrom.sys
[2008.04.14 02:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 10:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2008.04.14 10:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 10:51:40 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 10:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 10:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 10:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 10:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110304T134912343750\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110304T141836265625\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110306T152652125000\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20110306T154115875000\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130429T102438359375\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130429T120449859375\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130703T210741687500\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20130727T100000390625\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20140222T143522484375\acpiapic_up\hal.dll
[2008.04.14 02:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: ISAPNP.SYS >
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\dllcache\isapnp.sys
[2008.04.14 06:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys
[2008.04.14 09:57:54 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\ReinstallBackups\0026\DriverFiles\i386\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 10:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\erdnt\cache\ndis.sys
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 02:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 10:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 10:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 10:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 10:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 10:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\erdnt\cache\svchost.exe
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 10:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 10:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 10:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 10:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2008.04.14 10:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 10:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\AppPatch\*.tmp files -> C:\WINDOWS\AppPatch\*.tmp -> ]
[46 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[89 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]
[1 C:\WINDOWS\twain_32\*.tmp files -> C:\WINDOWS\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.20 22:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\ABBYY
[2014.02.22 00:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Adobe
[2011.03.16 17:29:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Ahead
[2011.07.02 22:11:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\AnvSoft
[2013.05.10 18:43:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Apple Computer
[2013.11.09 23:06:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\AVAST Software
[2012.08.11 16:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoft
[2012.12.18 16:03:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Google
[2011.07.09 21:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Guitar Pro 6
[2013.02.04 19:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\HellSpy.cz Download Manager
[2010.04.16 15:21:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\HP
[2013.04.12 21:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\HpUpdate
[2012.06.12 15:45:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\ICQ
[2010.04.12 19:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Identities
[2014.06.17 02:50:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit
[2013.01.13 20:29:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit Apps
[2013.10.26 11:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\KB-ext
[2011.02.14 16:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\langmaster.sz
[2010.09.17 17:47:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Leadertech
[2011.06.21 11:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Macromedia
[2014.02.16 21:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Malwarebytes
[2012.07.11 17:09:11 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Microsoft
[2010.04.15 16:11:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Mozilla
[2010.05.14 16:06:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Nero
[2011.04.24 19:00:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Nikon
[2014.04.06 21:58:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Opera
[2014.04.06 22:38:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Opera Software
[2014.06.17 02:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\ProductData
[2012.03.25 23:43:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Samsung
[2013.02.15 11:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz
[2010.11.17 15:07:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Simple Star
[2014.03.12 19:35:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Skype
[2011.05.27 15:34:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Sony
[2011.05.27 15:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Sony Setup
[2010.04.15 16:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Sun
[2010.05.16 19:09:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Teleca
[2011.12.11 17:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\TuneUp Software
[2010.09.28 13:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Windows Search
[2010.04.15 18:03:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\WinRAR
[2010.11.20 21:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel Fousek\Data aplikací\YCanPDF

< %APPDATA%\*.exe /s >
[2014.06.17 02:50:55 | 000,588,608 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2014.06.17 02:50:55 | 000,629,568 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.02.28 14:25:32 | 002,130,720 | ---- | M] (IObit) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2013.10.26 11:58:09 | 001,175,960 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\KB-ext\lib\unins000.exe
[2010.04.15 16:36:23 | 001,956,808 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.04.24 18:38:32 | 000,335,872 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
[2013.07.28 15:59:44 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2011.04.24 18:52:43 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2012.05.13 12:27:32 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
[2012.03.25 23:44:38 | 000,106,408 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentInstaller.exe
[2012.03.25 23:44:38 | 000,101,288 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\AgentUpdate.exe
[2012.03.25 23:44:39 | 000,021,416 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Samsung\Kies\FirmwareUpdateTemp\AGENT\KiesPDLR.exe
[2012.09.13 15:24:48 | 001,009,288 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\szninstall.exe
[2012.09.14 14:06:28 | 002,515,592 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\sznsetup.exe
[2013.02.04 14:53:06 | 000,700,416 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\bin\chromeUpdatePref.exe
[2013.01.22 14:55:12 | 000,456,696 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\bin\szndesktop.exe
[2012.12.19 10:12:06 | 000,092,296 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\bin\wszndesktop.exe
[2013.02.04 15:53:30 | 000,055,808 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\data\ffinstall\reg.exe
[2013.02.04 15:53:34 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\data\ffinstall\regctrl.exe
[2011.05.27 15:54:32 | 033,850,672 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\Pavel Fousek\Data aplikací\Sony Setup\9234765D-29DF-48d0-93FB-284B7B6009B9\QuickTimeInstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2010.10.14 14:06:37 | 000,339,968 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2010.10.14 14:07:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2010.10.14 16:15:35 | 032,747,520 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2010.10.14 16:15:37 | 004,980,736 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.10.11 00:34:09 | 000,685,336 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2014.10.11 00:34:09 | 000,000,268 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2014.10.11 00:34:09 | 001,790,310 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2014.10.11 00:34:09 | 000,002,804 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2014.10.10 11:00:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 10:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=3
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
[spybotsd]
timeout.old=30

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.10.11 00:40:45 | 000,000,512 | ---- | M] () MD5=D6873ED4E51CD2DDEA891CDDC0F09147 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2012.08.11 16:39:03 | 000,000,251 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Pavel Fousek\Data aplikací\dvdvideosoftiehelpers\freeytvdownloader.htm.vir
[2014.10.11 00:33:46 | 000,785,773 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\IObit\ASCDownloader\Downloader.log
[2009.05.15 07:36:22 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2010.05.31 17:10:11 | 000,000,672 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\VDOWNLOADER\VDownloader.lnk
[2011.01.09 14:31:24 | 000,000,771 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Downloader\Uninstall YouTube Downloader.lnk
[2011.01.09 14:31:24 | 000,000,771 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Downloader\YouTube Downloader.lnk
[2011.03.16 17:17:25 | 000,000,722 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Video Downloader\Uninstall YouTube Video Downloader.lnk
[2011.03.16 17:17:25 | 000,000,565 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Video Downloader\YouTube Video Downloader on the Web.lnk
[2011.03.16 17:17:25 | 000,000,698 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Video Downloader\YouTube Video Downloader User Mannual.lnk
[2011.03.16 17:17:25 | 000,000,767 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\YouTube Video Downloader\YouTube Video Downloader.lnk
[2012.07.06 12:24:36 | 000,008,386 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2012.08.11 16:39:37 | 000,100,282 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_install.txt
[2012.10.19 23:48:10 | 000,062,712 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\DVDVideoSoft\logs\FreeYTVDownloader_v1.log
[2010.05.31 17:10:11 | 000,000,678 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2012.09.13 15:45:58 | 000,058,424 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\bin\libfoxloader.dll
[2012.08.07 14:39:12 | 000,000,165 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2012.11.13 16:40:02 | 000,030,608 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2012.08.13 19:05:28 | 000,000,235 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.install.bat
[2012.08.13 19:05:26 | 000,000,130 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Data aplikací\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_0_0.uninstall.bat
[2011.07.03 13:34:11 | 000,000,936 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Local Settings\Data aplikací\SRDownloader.nast
[2014.10.09 14:59:05 | 000,007,825 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Local Settings\Temporary Internet Files\Content.IE5\F846N3F5\ajax-loader[1].gif
[2012.12.19 16:47:49 | 000,002,693 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Oblíbené položky\DADA\Stahování z Youtube do MP3 zdarma - online youtube downloader - Sosal.cz.url
[2008.04.14 10:51:40 | 000,017,421 | ---- | M] () -- \i386\DMLOADER.DL_
[2008.04.14 02:01:48 | 000,115,367 | ---- | M] () -- \i386\OSLOADER.EX_
[2008.04.14 02:01:50 | 000,133,029 | ---- | M] () -- \i386\OSLOADER.NT_
[2014.07.02 12:23:53 | 000,071,968 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2007.05.16 10:26:06 | 000,177,712 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2012.07.12 17:13:38 | 000,944,280 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2010.10.05 15:19:20 | 001,160,304 | ---- | M] () -- \Program Files\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2009.12.07 15:00:36 | 000,688,128 | ---- | M] () -- \Program Files\Common Files\Nikon\File Uploader\NkFileUploader.exe
[2009.12.07 15:00:12 | 000,011,776 | ---- | M] () -- \Program Files\Common Files\Nikon\File Uploader\NkFileUploaderLang.dll
[2012.07.06 18:33:16 | 000,041,128 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2012.07.06 18:33:16 | 002,183,848 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
[2012.06.21 18:17:00 | 000,000,939 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.xml
[2012.07.06 12:24:36 | 000,008,386 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2012.05.23 18:29:14 | 000,004,522 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2012.07.06 18:33:06 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:06 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,036,864 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,040,960 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2012.07.06 18:33:08 | 000,032,768 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2011.07.29 18:31:50 | 000,042,144 | ---- | M] () -- \Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2009.10.06 07:08:30 | 000,145,082 | ---- | M] () -- \Program Files\HP\HP Deskjet 3050A J611 series\Bin\HelpViewer\Resources\Loader.gif
[2013.11.09 21:08:56 | 000,002,941 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013.11.09 21:08:57 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013.11.09 21:09:01 | 001,138,236 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013.11.09 21:08:57 | 000,007,002 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013.11.09 21:08:57 | 000,006,658 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013.11.09 21:09:02 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2009.05.31 04:21:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.11.13 16:40:02 | 000,030,608 | ---- | M] () -- \Program Files\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2009.11.16 10:59:24 | 002,654,216 | ---- | M] () -- \Program Files\VDOWNLOADER\VDownloader.exe
[2006.12.05 22:30:06 | 000,094,208 | ---- | M] () -- \Program Files\YouTube Video Downloader\YoutubeDownloader.exe
[2008.04.14 10:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2012.06.13 17:17:36 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.04.14 10:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2007.08.07 13:04:24 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2004.08.17 16:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[3 \Documents and Settings\Pavel Fousek\Data aplikací\Opera Software\Opera Stable\*.tmp files -> \Documents and Settings\Pavel Fousek\Data aplikací\Opera Software\Opera Stable\*.tmp -> ]
[2014.10.09 15:09:47 | 000,002,013 | ---- | M] () -- \Documents and Settings\Pavel Fousek\Local Settings\Temporary Internet Files\Content.IE5\XEAVNM77\jquery.serialScroll-min[1].js
[2001.10.25 18:00:00 | 000,024,957 | ---- | M] () -- \i386\DPSERIAL.DL_
[2008.04.14 09:51:10 | 000,030,259 | ---- | M] () -- \i386\SERIAL.SY_
[2001.10.25 18:00:00 | 000,006,549 | ---- | M] () -- \i386\SERIALUI.DL_
[2013.11.09 21:08:53 | 000,034,704 | ---- | M] () -- \Program Files\Java\jdk1.6.0_43\bin\serialver.exe
[2011.03.10 01:43:26 | 000,413,696 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.dll
[2013.02.05 23:04:00 | 001,186,816 | ---- | M] () -- \Program Files\Microsoft Silverlight\4.0.60310.0\System.Runtime.Serialization.ni.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.10.28 10:10:40 | 000,007,185 | ---- | M] () -- \Program Files\Sun\JavaDB\docs\html\ref\rreffuncxmlserialize.html
[2010.09.21 17:20:48 | 000,030,997 | ---- | M] () -- \Program Files\Sun\JavaDB\javadoc\jdbc3\serialized-form.html
[2010.09.21 17:20:52 | 000,029,304 | ---- | M] () -- \Program Files\Sun\JavaDB\javadoc\jdbc4\serialized-form.html
[2010.09.28 13:37:37 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.09.29 18:02:14 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.28 15:44:35 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.15 17:21:09 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.08.28 15:44:48 | 000,090,112 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2013.01.10 00:06:45 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.10 18:01:41 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\07de14823c42ee36ffa303d9c89ded36\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.15 17:52:31 | 002,349,056 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\0a39e7fff5c55140a71de713041516ab\System.Runtime.Serialization.ni.dll
[2013.01.10 17:55:46 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll
[2014.02.15 17:51:46 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.05.16 18:46:30 | 002,637,312 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e1e5fdef93d69dc13cb360d91fdcdf4c\System.Runtime.Serialization.ni.dll
[2013.02.16 20:44:18 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\f9df64b31138b2e6dd29444118a1f76c\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2010.04.07 23:48:30 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_133675_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.04.07 23:48:30 | 000,970,752 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\FL_System_Runtime_Serialization_dll_147207_____x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.05.16 18:06:12 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.05.16 18:05:58 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2004.07.15 14:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 19:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.09.10 17:46:28 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 001,026,936 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 18:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 18:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 09:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 149 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:504A5436

< End of report >

xzoom
Visitor
Posts: 53
Registered: 04 Oct 2014 12:21

Re: Freezing PC and Opera

#15 Post by xzoom »

OTL Extras logfile created on: 11.10.2014 0:37:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pavel Fousek\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 398,43 Mb Available Physical Memory | 38,93% Memory free
2,40 Gb Paging File | 1,72 Gb Available in Paging File | 71,39% Paging File free
Paging file location(s): c:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 353,69 Gb Free Space | 75,94% Space Free | Partition Type: NTFS

Computer Name: PAVEL-1B83964B5 | User Name: Pavel Fousek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5985:TCP" = 5985:TCP:*:Disabled:Vzdálená správa systému Windows

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 19
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{32A3A4F4-B792-11D6-A78A-00B0D0160430}" = Java(TM) SE Development Kit 6 Update 43
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5B26F17A-9272-4A26-9DF9-18157AFAC6CD}" = IObit Apps Toolbar v8.1
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77b0db3f-cc8b-4802-b3aa-5c1314e637ab}" = Nero 9 Trial
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A3FD0CA9-884F-4525-97B8-0AE6179302E6}" = F2100
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.10.29
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.08)
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C5ADA65A-7828-4D85-B071-ECC52B51F794}" = Sony Ericsson PC Suite 1.20.173
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 1.12
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDC7BEC8-D631-4e36-81D7-FC3689209AA6}" = F2100_Help
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}" = Nero 7 Premium
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB48851B-96A4-489f-9F95-29F3731E9764}" = F2100_doccd
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Applian FLV Player2.0.24" = Applian FLV Player
"Avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.7
"Freecorder4.0" = Freecorder 4.0 Application
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"Lamer" = Lamer
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Opera 24.0.1558.64" = Opera Stable 24.0.1558.64
"SensorsView beta 1.0" = SensorsView beta 1.0
"Sony Ericsson W800" = Sony Ericsson W800 Software
"TuneUp Utilities" = TuneUp Utilities
"Uninstall_is1" = Uninstall 1.0.0.1
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR 5.10 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1614895754-113007714-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.5.2014 14:57:04 | Computer Name = PAVEL-1B83964B5 | Source = Application Error | ID = 1000
Description = Chybující aplikace HPCustPartic.exe, verze 28.0.1315.0, chybující
modul HPCustPartic.exe, verze 28.0.1315.0, adresa chyby 0x00097b6c.

Error - 6.5.2014 2:12:23 | Computer Name = PAVEL-1B83964B5 | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 6.5.2014 2:12:23 | Computer Name = PAVEL-1B83964B5 | Source = LoadPerf | ID = 3001
Description = Hodnota řetězce názvu čítače výkonu v registru je nesprávně naformátovaná.
Neplatný řetězec 6580, hodnota neplatného indexu je v prvním bajtu DWORD v datové
části. Poslední platná hodnota indexu je v druhém a třetím bajtu DWORD v datové
oblasti.

Error - 6.5.2014 4:10:05 | Computer Name = PAVEL-1B83964B5 | Source = Application Error | ID = 1000
Description = Chybující aplikace HPCustPartic.exe, verze 28.0.1315.0, chybující
modul HPCustPartic.exe, verze 28.0.1315.0, adresa chyby 0x00097b6c.

Error - 6.5.2014 10:07:39 | Computer Name = PAVEL-1B83964B5 | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 6.5.2014 10:07:39 | Computer Name = PAVEL-1B83964B5 | Source = LoadPerf | ID = 3001
Description = Hodnota řetězce názvu čítače výkonu v registru je nesprávně naformátovaná.
Neplatný řetězec 6580, hodnota neplatného indexu je v prvním bajtu DWORD v datové
části. Poslední platná hodnota indexu je v druhém a třetím bajtu DWORD v datové
oblasti.

Error - 6.5.2014 14:40:05 | Computer Name = PAVEL-1B83964B5 | Source = Application Error | ID = 1000
Description = Chybující aplikace HPCustPartic.exe, verze 28.0.1315.0, chybující
modul HPCustPartic.exe, verze 28.0.1315.0, adresa chyby 0x00097b6c.

Error - 6.5.2014 14:57:03 | Computer Name = PAVEL-1B83964B5 | Source = Application Error | ID = 1000
Description = Chybující aplikace HPCustPartic.exe, verze 28.0.1315.0, chybující
modul HPCustPartic.exe, verze 28.0.1315.0, adresa chyby 0x00097b6c.

Error - 6.5.2014 16:08:30 | Computer Name = PAVEL-1B83964B5 | Source = LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance rozšíření zprostředkovatele čítačů. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 6.5.2014 16:08:30 | Computer Name = PAVEL-1B83964B5 | Source = LoadPerf | ID = 3001
Description = Hodnota řetězce názvu čítače výkonu v registru je nesprávně naformátovaná.
Neplatný řetězec 6580, hodnota neplatného indexu je v prvním bajtu DWORD v datové
části. Poslední platná hodnota indexu je v druhém a třetím bajtu DWORD v datové
oblasti.

[ System Events ]
Error - 21.2.2014 9:58:27 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7000
Description = Služba TuneUp Utilities Service neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 21.2.2014 9:59:48 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 21.2.2014 9:59:48 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: WudfPf

Error - 21.2.2014 10:00:34 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7023
Description = Služba Adaptér výkonu služby WMI byla ukončena s následující chybou:
%%2147500037

Error - 21.2.2014 10:31:02 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7000
Description = Služba TuneUp Theme Extension neuspěla při spuštění v důsledku následující
chyby: %%1083

Error - 21.2.2014 10:31:02 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Spybot-S&D 2 Security Center Service.

Error - 21.2.2014 10:31:02 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7000
Description = Služba Spybot-S&D 2 Security Center Service neuspěla při spuštění
v důsledku následující chyby: %%1053

Error - 21.2.2014 10:31:02 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7000
Description = Služba TuneUp Utilities Service neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 21.2.2014 10:32:23 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7022
Description = Služba Služba HP CUE DeviceDiscovery přestala během spouštění reagovat.

Error - 21.2.2014 10:32:23 | Computer Name = PAVEL-1B83964B5 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: WudfPf

[ TuneUp Events ]
Error - 24.10.2010 9:10:25 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 24.10.2010 9:17:43 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 24.10.2010 9:42:07 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 25.10.2010 1:38:52 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 26.10.2010 2:37:19 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 27.10.2010 7:17:45 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 27.10.2010 9:15:10 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 27.10.2010 19:22:53 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 28.10.2010 3:11:46 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 29.10.2010 3:46:04 | Computer Name = PAVEL-1B83964B5 | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >

Locked