Prosím o kontrolu. Napadení virem Polcie cř

Zpráva

vojta.kuca.kucera

Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.05.24.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
dharma :: DHARMA-A14GPJLV [administrator]

25.5.2013 5:49:07
mbar-log-2013-05-25 (05-49-07).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | Deep Anti-Rootkit Scan | PUM | P2P
Scan options disabled: PUP
Objects scanned: 384862
Time elapsed: 22 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#17 Příspěvek od **vyosek** » 26 kvě 2013 06:19

Jeste poprosim o MBAM

vojta.kuca.kucera

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.05.25.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
dharma :: DHARMA-A14GPJLV [administrátor]

25.5.2013 20:15:42
mbam-log-2013-05-25 (20-15-42).txt

Typ: Kompletní kontrola (C:\|D:\|F:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 563047
Uplynulý čas: 1 hodin, 58 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

#19 Příspěvek od **vyosek** » 29 kvě 2013 09:48

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

vojta.kuca.kucera

Tak tohle vypadlo: Extras.Txt

OTL Extras logfile created on: 29.5.2013 23:57:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dharma\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 58,99% Memory free
5,35 Gb Paging File | 4,75 Gb Available in Paging File | 88,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 3717D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 13,34 Gb Free Space | 35,80% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 13,05 Gb Free Space | 2,80% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 0,79 Gb Free Space | 1,06% Space Free | Partition Type: NTFS

Computer Name: DHARMA-A14GPJLV | User Name: dharma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"54321:TCP" = 54321:TCP:*:Enabled:uTorrent

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD 9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD 9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0
"C:\Program Files\Lexmark 2500 Series\app4r.exe" = C:\Program Files\Lexmark 2500 Series\App4R.exe:*:Enabled:BorgListener -- ()
"C:\Program Files\CyberLink\PowerDVD11\PowerDVD11.exe" = C:\Program Files\CyberLink\PowerDVD11\PowerDVD11.exe:*:Enabled:CyberLink PowerDVD 11.0 -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe" = C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe:*:Enabled:CyberLink PowerDVD 11.0 RC Service -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe" = C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe:*:Enabled:CyberLink Media Server -- (CyberLink)
"C:\Documents and Settings\dharma\Dokumenty\Stažené soubory\detect_routers\detect_routers.exe" = C:\Documents and Settings\dharma\Dokumenty\Stažené soubory\detect_routers\detect_routers.exe:*:Enabled:Detect Multiple Routers
"C:\Program Files\Simple Port Tester\spt.exe" = C:\Program Files\Simple Port Tester\spt.exe:*:Enabled:Simple Port Tester -- (PcWinTech.com)
"C:\Program Files\Simple Port Forwarding\spf.exe" = C:\Program Files\Simple Port Forwarding\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com -- (PcWinTech.com)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Lexmark 2500 Series\lxddamon.exe" = C:\Program Files\Lexmark 2500 Series\lxddamon.exe:*:Enabled:Device Monitor Appliaction -- (Lexmark)
"C:\Program Files\Lexmark 2500 Series\App4R.exe" = C:\Program Files\Lexmark 2500 Series\App4R.exe:*:Enabled: -- ()
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Disabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"F:\Program Files\Battlefield 2\BF2.exe" = F:\Program Files\Battlefield 2\BF2.exe:*:Enabled:BF2 -- ()
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxddpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxddpswx.exe:*:Enabled: -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxddtime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxddtime.exe:*:Enabled: -- (Lexmark International, Inc.)
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)
"C:\Program Files\CyberLink\PowerDVD11\PowerDVD11.exe" = C:\Program Files\CyberLink\PowerDVD11\PowerDVD11.exe:*:Enabled:CyberLink PowerDVD 11.0 -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe" = C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe:*:Enabled:CyberLink PowerDVD 11.0 RC Service -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe" = C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe:*:Enabled:CyberLink Media Server -- (CyberLink)
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent Inc.)
"C:\Program Files\zIRC\zirc.exe" = C:\Program Files\zIRC\zirc.exe:*:Enabled:z Internet Relay Chat Client -- (suzo (www.suzo.sk))
"C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.)
"D:\Program Files\GTa san\GTA San Andreas\samp.exe" = D:\Program Files\GTa san\GTA San Andreas\samp.exe:*:Enabled:San Andreas Multiplayer -- ()
"D:\Program Files\Counter-Strike 1.6\hl.exe" = D:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"D:\Program Files\World_of_Tanks\WOTLauncher.exe" = D:\Program Files\World_of_Tanks\WOTLauncher.exe:*:Enabled:World of Tanks Launcher -- (Wargaming.net)
"D:\Program Files\World_of_Tanks\WorldOfTanks.exe" = D:\Program Files\World_of_Tanks\WorldOfTanks.exe:*:Enabled:World of Tanks -- (Wargaming.net)
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- (Pinnacle Systems)
"C:\Program Files\Vuze\Azureus.exe" = C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus / Vuze -- (Azureus Software, Inc)
"C:\Documents and Settings\dharma\Dokumenty\Stažené soubory\detect_routers\detect_routers.exe" = C:\Documents and Settings\dharma\Dokumenty\Stažené soubory\detect_routers\detect_routers.exe:*:Enabled:Detect Multiple Routers
"C:\Program Files\Simple Port Tester\spt.exe" = C:\Program Files\Simple Port Tester\spt.exe:*:Enabled:Simple Port Tester -- (PcWinTech.com)
"C:\Program Files\Simple Port Forwarding\spf.exe" = C:\Program Files\Simple Port Forwarding\spf.exe:*:Enabled:Simple Port Forwarding By PcWinTech.com -- (PcWinTech.com)
"C:\Documents and Settings\dharma\Data aplikací\BitTorrent\BitTorrent.exe" = C:\Documents and Settings\dharma\Data aplikací\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Průzkumník Windows -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0DF34F71-6182-474F-B6FE-0B2AF069E6FD}" = VBA (2627.01)
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{241DBC8D-14E3-4240-8EE5-3AC35086B638}" = AVG 2013
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema 1.6.1.4235
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FA5E4CC-58ED-4ED0-AC9E-ED0759E9166E}" = RedistSysFiles
"{450063AA-643B-417C-8CF5-405BA3F4EF40}" = Autodesk Design Review 2009
"{46548E80-0409-0000-7E8A-45000F855001}" = Adobe GoLive CS2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{70C592EC-AE9B-4734-928B-676E824FB41E}" = MFC RunTime files
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}" = SketchUp 8
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{786C5747-1437-443D-B06E-79A00FE45110}" = Adobe Stock Photos 1.0
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D13EC59-1F8D-4988-8523-D5E8C2724C1D}" = Beowulf TM
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90F50409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core
"{90F60409-6000-11D3-8CFE-0150048383C9}" = Visual Basic for Applications (R) Core - English
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A27281BC-98AA-4DC8-AA39-20B9E27B1029}" = InCD Reader
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{ADBE46EE-54E0-4610-B436-D7E93D829100}" = Adobe Version Cue CS2
"{AEEB3643-71DE-414d-9E3F-1159177FE211}" = Office Animation Runtime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.85
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3A1BF34-A336-450D-BC3E-3A854AD270A0}" = AVG 2013
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}" = InterVideo AVControlSDK
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D9496760-FEA9-4477-ADDE-43C025E6556B}_0" = Bentley MicroStation (V 08.05.00.64) - 1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Multi-Card Reader & Flash Disk
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Autodesk Design Review 2009" = Autodesk Design Review 2009
"AVG" = AVG 2013
"Avisynth" = AviSynth 2.5
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"CDisplay_is1" = CDisplay 1.8
"Counter-Strike 1.6 v36 protokol 48" = Counter-Strike 1.6 v36 protokol 48
"Defraggler" = Defraggler
"DiskCheckerXP" = DiskCheckerXP 6.1
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"EPSON Printer and Utilities" = EPSON Printer Software
"FastStone Flash Player" = FastStone Flash Player 2.2
"GenoPro" = GenoPro 2.0.1.6
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"Indeo® software" = Indeo® software
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11
"Lexmark 2500 Series" = Lexmark 2500 Series
"Lexmark Fax Solutions" = Faxové funkce Lexmark
"Magic ISO Maker v5.5 (build 0276)" = Magic ISO Maker v5.5 (build 0276)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Metronom v1.0" = Metronom v1.0
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 21.0 (x86 cs)" = Mozilla Firefox 21.0 (x86 cs)
"Mozilla Thunderbird (3.1)" = Mozilla Thunderbird (3.1)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Noční obloha_is1" = Noční obloha 1.5
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"progeCAD 2008 Smart! ENG" = progeCAD 2008 Smart! ENG
"PunkBusterSvc" = PunkBuster Services
"Recepturní systém SATURNIN - RTP" = Recepturní systém SATURNIN - RTP
"Recuva" = Recuva
"Replay Media Catcher 4" = Replay Media Catcher 4 (4.3.2)
"Security Task Manager" = Security Task Manager 1.8d
"Simple Port Forwarding" = Simple Port Forwarding
"Simple Port Tester2.1.5" = Simple Port Tester
"Speccy" = Speccy
"SubtitleWorkshop" = Subtitle Workshop 2.51
"Tetris_is1" = Tetris 1.0
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Unlocker" = Unlocker 1.9.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.6
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"zIRC_is1" = zIRC 1.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 23.5.2013 5:21:54 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23.5.2013 5:21:54 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23.5.2013 5:21:54 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 23.5.2013 5:21:54 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23.5.2013 5:21:54 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 23.5.2013 6:04:09 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23.5.2013 6:04:09 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23.5.2013 6:04:09 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 23.5.2013 6:04:09 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.

Error - 23.5.2013 6:04:09 | Computer Name = DHARMA-A14GPJLV | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

[ System Events ]
Error - 28.5.2013 18:23:27 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7000
Description = Služba nVidia WDM A/V Crossbar neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 28.5.2013 18:23:27 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SBRE TfFsMon TfSysMon

Error - 29.5.2013 17:46:48 | Computer Name = DHARMA-A14GPJLV | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 10.0.0.139 pro síťovou kartu s adresou 001966D27B20
byla serverem DHCP 10.0.0.138 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 29.5.2013 17:46:52 | Computer Name = DHARMA-A14GPJLV | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 29.5.2013 17:48:01 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 29.5.2013 17:48:01 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 29.5.2013 17:48:01 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 29.5.2013 17:48:01 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7000
Description = Služba nVidia WDM Video Capture (universal) neuspěla při spuštění
v důsledku následující chyby: %%1058

Error - 29.5.2013 17:48:01 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7000
Description = Služba nVidia WDM A/V Crossbar neuspěla při spuštění v důsledku následující
chyby: %%1058

Error - 29.5.2013 17:48:06 | Computer Name = DHARMA-A14GPJLV | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SBRE TfFsMon TfSysMon

< End of report >

vojta.kuca.kucera

OTL.Txt 1. část

OTL logfile created on: 29.5.2013 23:57:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\dharma\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,75 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 58,99% Memory free
5,35 Gb Paging File | 4,75 Gb Available in Paging File | 88,78% Paging File free
Paging file location(s): C:\pagefile.sys 2046 3717D:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37,27 Gb Total Space | 13,34 Gb Free Space | 35,80% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 13,05 Gb Free Space | 2,80% Space Free | Partition Type: NTFS
Drive F: | 74,53 Gb Total Space | 0,79 Gb Free Space | 1,06% Space Free | Partition Type: NTFS

Computer Name: DHARMA-A14GPJLV | User Name: dharma | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.05.29 23:54:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dharma\Plocha\OTL.exe
PRC - [2013.05.25 13:27:51 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.02.05 10:54:40 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2012.12.11 03:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012.10.22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012.10.22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2013.05.25 13:27:47 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.03.29 15:50:25 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2008.04.14 09:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.02.27 05:16:26 | 000,103,936 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdddrpp.dll
MOD - [2007.02.02 11:19:22 | 000,012,288 | ---- | M] () -- C:\WINDOWS\system32\LXF3PMRC.DLL
MOD - [2007.02.02 11:16:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\LXF3PMON.DLL
MOD - [2007.02.02 11:11:10 | 000,032,768 | ---- | M] () -- C:\Program Files\Lexmark Fax Solutions\ipcmt.dll
MOD - [2006.11.08 01:02:18 | 000,036,864 | ---- | M] () -- C:\WINDOWS\system32\lxf3oem.dll

========== Services (SafeList) ==========

SRV - [2013.05.25 13:27:48 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.05 10:54:40 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2012.12.19 10:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.11.15 23:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2011.08.26 08:00:22 | 000,292,136 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe -- (CyberLink PowerDVD 11.0 Service)
SRV - [2011.08.26 08:00:19 | 000,075,048 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 11.0 Monitor Service)
SRV - [2011.08.24 03:13:43 | 000,083,240 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)
SRV - [2011.05.25 09:25:59 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2010.09.25 22:19:52 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.02.28 18:39:08 | 000,053,032 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero8\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv)
SRV - [2008.02.28 18:38:58 | 001,440,552 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe -- (InCDsrvR)
SRV - [2007.05.25 09:41:38 | 000,537,520 | ---- | M] ( ) [Disabled | Stopped] -- C:\WINDOWS\system32\lxddcoms.exe -- (lxdd_device)
SRV - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2005.05.25 16:49:58 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ssudmdm.sys -- (ssudmdm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (rtl8139)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ssudbus.sys -- (dg_ssudbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\dharma\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2013.05.25 05:45:18 | 000,035,144 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013.02.05 18:52:46 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2013.02.05 10:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012.11.15 23:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.11.09 16:33:32 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2012.11.09 16:33:32 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2012.11.09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.11.09 16:33:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2012.11.09 16:33:30 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.11.09 16:33:30 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.10.22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.10.17 14:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.10.15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.10.02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.09.21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.09.21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012.09.21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012.09.14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.03.02 12:14:54 | 000,145,280 | R--- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2012.01.15 16:22:52 | 000,428,088 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2011.08.25 14:06:52 | 000,077,296 | ---- | M] (CyberLink Corp.) [2011/12/29 23:03:52] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.08.24 03:13:44 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)
DRV - [2011.07.07 17:39:06 | 006,367,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.06.26 02:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliandMP)
DRV - [2011.06.26 02:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\appliand.sys -- (appliand)
DRV - [2010.12.31 01:14:31 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2010.09.22 21:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.08.10 16:45:53 | 000,278,728 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.10 16:45:52 | 000,025,416 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.07.01 11:53:34 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009.07.01 11:53:30 | 000,066,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009.06.30 17:31:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2009.06.17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009.06.17 18:56:24 | 000,079,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009.06.17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.06.17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.06.17 18:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2009.06.17 18:55:26 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009.06.17 18:55:18 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009.02.12 11:23:18 | 000,058,536 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE1008mdm.sys -- (SE1008mdm)
DRV - [2008.04.14 01:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.02.28 18:38:58 | 000,040,360 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2006.11.02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.07.01 22:42:58 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2005.02.09 11:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.12.05 11:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003.04.16 14:00:00 | 000,008,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidgame.sys -- (hidgame)
DRV - [2003.04.16 14:00:00 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)
DRV - [2002.11.18 17:05:00 | 000,116,924 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVCAP.SYS -- (nvcap)
DRV - [2002.11.18 17:05:00 | 000,010,814 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\NVXBAR.SYS -- (NVXBAR)
DRV - [2001.08.18 00:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{1CB3780C-AC35-481F-8B8A-F753031F77B6}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{570296C6-F24E-422D-978A-10ABDC4AA463}: "URL" = http://www.google.com/search?q={searchT ... =utf8&rlz=
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{66014F97-487E-4BF2-A174-4623EA179FD8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\search13: "URL" = http://search13.net/search.php?q={searchTerms}
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..network.proxy.backup.ftp: "75.127.4.217"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "75.127.4.217"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "75.127.4.217"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "75.127.4.217"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "75.127.4.217"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "75.127.4.217"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "75.127.4.217"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.08.31 21:04:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.25 13:27:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.03.23 11:03:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.03.29 15:57:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010.07.07 17:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Extensions
[2010.07.07 17:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.11.11 17:19:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2013.05.29 23:57:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions
[2013.02.23 00:22:14 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.05.14 15:26:37 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(2)
[2009.05.14 15:26:41 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}(2)
[2013.04.14 19:09:08 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\2020Player_IKEA@2020Technologies.com
[2010.05.03 18:21:39 | 000,000,000 | ---D | M] (ÄŚeskĂ© slovnĂky pro kontrolu pravopisu) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\cs@dictionaries.addons.mozilla(2).org
[2011.02.15 15:37:21 | 000,000,000 | ---D | M] (LinkyLook) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\linkylook@dniflima.about.tc
[2013.05.29 23:57:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\staged
[2013.01.24 23:56:08 | 000,004,233 | ---- | M] () (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}.xpi
[2011.10.29 20:48:07 | 000,434,392 | ---- | M] () (No name found) -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.05.25 05:44:19 | 000,002,421 | ---- | M] () -- C:\Documents and Settings\dharma\Data aplikací\Mozilla\Firefox\Profiles\u4anjg9u.default\searchplugins\google-esk-republika.xml
[2013.05.25 13:27:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.05.25 13:26:33 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky(2).ru
[2013.05.25 13:27:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.05.25 13:27:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\DHARMA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\U4ANJG9U.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\DHARMA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\U4ANJG9U.DEFAULT\EXTENSIONS\2020PLAYER_IKEA@2020TECHNOLOGIES.COM
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

O1 HOSTS File: ([2012.12.26 03:52:29 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést do existujícího PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést výběr do existujícího PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 4167169078 (MUWebControl Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {A4639D2F-774E-11D3-A490-00C04F6843FB} http://download.microsoft.com/download/ ... msorun.cab (IEAnimBehaviorFactory Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0E079419-B3D2-46B1-9168-298CC19266ED}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54F59F51-FE44-4E5A-8841-B67CA6A27F70}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D535C484-1F1E-41D8-9FFF-A96EBC8FABE1}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\Ir32_32.dll ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\Ir50_32.dll (Intel Corporation)
Drivers32: vidc.mjpg - C:\WINDOWS\System32\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\WINDOWS\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.29 23:54:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dharma\Plocha\OTL.exe
[2013.05.28 10:42:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\AVG
[2013.05.25 13:26:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.25 13:08:29 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\dharma\Recent
[2013.05.25 11:01:15 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.05.25 05:48:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes' Anti-Malware (portable)
[2013.05.25 05:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dharma\Plocha\Nová složka (3)
[2013.05.23 11:53:49 | 000,000,000 | --SD | C] -- C:\NoMBR
[2013.05.23 11:09:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.05.23 11:09:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.05.23 11:09:36 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.05.23 11:09:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.05.23 11:09:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.23 11:08:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.05.15 17:00:00 | 004,411,440 | ---- | C] (AVG Technologies) -- C:\Program Files\avg_avct_stb_all_2013_2667_cm10.exe
[2011.03.23 16:07:13 | 000,048,128 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\dharma\SETUP32.DLL
[2009.09.21 15:19:44 | 000,438,240 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\dharma\setup.exe

========== Files - Modified Within 7 Days ==========

[2013.05.29 23:59:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.29 23:54:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dharma\Plocha\OTL.exe
[2013.05.29 23:48:16 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.29 23:46:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.29 00:40:43 | 000,273,344 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.05.29 00:40:43 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.05.29 00:40:41 | 000,273,344 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.05.28 12:00:28 | 000,031,586 | ---- | M] () -- C:\Documents and Settings\dharma\Plocha\53.jpg
[2013.05.28 11:55:53 | 000,056,855 | ---- | M] () -- C:\Documents and Settings\dharma\Plocha\29.jpg
[2013.05.27 11:50:59 | 000,064,512 | ---- | M] () -- C:\Documents and Settings\dharma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.25 05:45:18 | 000,035,144 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013.05.23 21:51:01 | 000,000,078 | ---- | M] () -- C:\WINDOWS\WatsonsBlockGame.ini

========== Files Created - No Company Name ==========

[2013.05.29 23:59:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.28 12:00:27 | 000,031,586 | ---- | C] () -- C:\Documents and Settings\dharma\Plocha\53.jpg
[2013.05.28 11:55:48 | 000,056,855 | ---- | C] () -- C:\Documents and Settings\dharma\Plocha\29.jpg
[2013.05.25 05:45:18 | 000,035,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2013.05.23 11:09:36 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.05.23 11:09:36 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.05.23 11:09:36 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.05.23 11:09:36 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.05.23 11:09:36 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.05.14 07:44:07 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\odhdzot.pad
[2013.05.14 07:44:01 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ofvwl.pad
[2013.03.31 12:06:53 | 000,000,418 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013.03.05 19:26:41 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2013.03.05 19:26:41 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2013.02.05 18:52:54 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.12.26 13:59:57 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\SysInfo_6.dll
[2012.12.25 20:02:24 | 000,000,245 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2012.08.10 22:04:48 | 002,928,848 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.07.30 14:16:18 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.07.30 14:16:18 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.07.30 14:16:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.07.30 14:16:18 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012.06.21 21:48:09 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\wintab32.dll
[2012.04.05 20:47:02 | 000,003,368 | ---- | C] () -- C:\Documents and Settings\dharma\Data aplikací\coreldrw.tpa
[2012.02.08 23:11:45 | 000,645,632 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012.02.08 23:11:45 | 000,240,640 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.12.29 14:33:09 | 000,001,042 | ---- | C] () -- C:\Documents and Settings\dharma\Data aplikací\coreavc.ini
[2011.09.12 23:50:38 | 000,037,921 | -H-- | C] () -- C:\Documents and Settings\dharma\992GCAHG.bat
[2011.08.25 20:33:07 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.08.25 20:33:07 | 000,273,344 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.08.25 20:33:07 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.08.25 20:32:00 | 002,123,582 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2011.08.13 20:50:06 | 000,000,515 | ---- | C] () -- C:\WINDOWS\Viewer.INI
[2011.08.11 08:34:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.06.16 10:07:23 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.06.16 10:07:23 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2011.03.23 16:07:06 | 000,006,137 | ---- | C] () -- C:\Documents and Settings\dharma\EPSETUP.EIF
[2011.03.23 16:07:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dharma\EPDISK4
[2011.03.23 16:07:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dharma\EPDISK3
[2011.03.23 16:07:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dharma\EPDISK2
[2011.03.23 16:07:06 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dharma\EPDISK1
[2011.03.22 19:32:47 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\dharma\Data aplikací\netstat.bat
[2011.02.19 15:05:33 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\dharma\Data aplikací\PnkBstrK.sys
[2010.09.26 19:20:38 | 000,184,969 | ---- | C] () -- C:\Documents and Settings\dharma\Steam_2010_09_26__17_20_38_875.mdmp
[2010.09.26 16:09:24 | 000,207,509 | ---- | C] () -- C:\Documents and Settings\dharma\Steam_2010_09_26__14_09_24_796.mdmp
[2010.07.12 19:43:48 | 000,040,960 | ---- | C] () -- C:\Program Files\Uninstall_CDS.exe
[2010.02.21 16:10:39 | 000,000,126 | ---- | C] () -- C:\Documents and Settings\dharma\Local Settings\Data aplikací\fusioncache.dat
[2010.01.19 16:50:34 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dharma\defogger_reenable
[2010.01.09 20:17:36 | 000,064,512 | ---- | C] () -- C:\Documents and Settings\dharma\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.06 22:21:50 | 000,004,981 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe
[2009.09.21 15:19:30 | 134,926,662 | ---- | C] () -- C:\Documents and Settings\dharma\Data1.cab
[2009.03.05 17:05:32 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\dharma\intlname.ols
[2006.01.02 18:53:07 | 000,007,441 | -H-- | C] () -- C:\Documents and Settings\dharma\Data aplikací\dharmalog.dat

========== ZeroAccess Check ==========

[2009.05.27 18:37:10 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 09:51:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 09:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.12.19 23:47:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
[2011.12.24 10:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Applian
[2012.06.14 22:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2013.04.02 12:42:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.05.19 21:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG
[2013.05.15 17:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2013
[2011.12.19 23:45:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2013.01.22 15:23:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BlazeVideo
[2010.11.17 14:59:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.12.19 23:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2011.07.24 01:51:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2010.03.31 07:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Hitman Pro
[2011.04.25 10:00:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.12.29 23:59:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\install_clap
[2011.03.24 11:47:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2011.06.16 10:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LGMOBILEAX
[2013.05.29 23:52:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2011.08.13 20:29:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MyHeritage
[2011.10.21 20:51:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NCH Swift Sound
[2013.05.28 12:50:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nokia
[2011.08.20 09:06:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
[2011.04.25 10:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
[2011.04.25 10:08:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.12.29 23:55:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PDVD
[2011.11.08 04:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2012.12.30 21:07:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle VideoSpin
[2013.03.05 21:26:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2011.12.28 16:14:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
[2011.11.08 12:01:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2012.07.19 09:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2011.03.23 09:34:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2013.05.19 21:41:43 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2011.07.19 18:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\.expertlotto
[2011.08.25 21:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\3v
[2009.02.19 23:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\ACD Systems
[2009.03.03 19:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Ashampoo
[2012.06.14 22:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Autodesk
[2013.05.19 21:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\AVG
[2013.05.15 17:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\AVG2013
[2013.05.25 13:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Azureus
[2013.05.25 13:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\BitTorrent
[2011.12.06 13:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\BlackBean
[2009.07.29 18:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\CÍGLER SOFTWARE, a.s
[2012.02.04 10:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\DAEMON Tools Lite
[2012.08.31 21:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\DDMSettings
[2013.04.27 17:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\dp3d
[2011.03.23 09:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\EPSON
[2013.05.03 19:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Fuir
[2011.03.22 20:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\KillProcess
[2010.05.06 16:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\LangSoft
[2012.02.24 21:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Leadertech
[2011.03.23 18:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Lexmark Imaging Studio
[2011.08.13 20:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\MyHeritage
[2011.10.14 20:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\NCH Swift Sound
[2013.01.04 22:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Nokia
[2011.02.17 22:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\OpenOffice.org
[2012.07.28 11:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Oracle
[2013.03.29 13:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\PC Suite
[2012.06.21 21:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\progeSOFT
[2011.11.08 12:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Publish Providers
[2013.05.14 20:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Qayq
[2011.12.24 10:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Replay Media Catcher 4
[2012.08.31 16:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Samsung
[2011.11.08 12:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Sony
[2010.07.07 17:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Thunderbird
[2011.06.11 07:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\TS3Client
[2013.05.15 17:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\TuneUp Software
[2013.05.13 20:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Ukty
[2013.05.27 12:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\uTorrent
[2012.02.09 16:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\VitySoft
[2012.03.28 19:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\wargaming.net
[2013.04.02 02:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\YouTube Downloader
[2011.10.28 19:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Zoner
[2013.05.28 10:42:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVG

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.02.15 20:06:08 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.02.15 20:09:05 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT

< >

< MD5 for: ATAPI.SYS >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2003.04.16 14:00:00 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2003.04.16 14:00:00 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=82CD2AA659D68781D29BA87421BE0E40 -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 09:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.14 01:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2003.04.16 14:00:00 | 000,047,488 | ---- | M] (Microsoft Corporation) MD5=6506E033AD04CFEC9EE56DBEFD1083DD -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2003.04.16 14:00:00 | 001,004,544 | ---- | M] (Microsoft Corporation) MD5=11D80755545CFB5EB9659EE88440EAE2 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 09:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2003.04.16 14:00:00 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 10:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.14 01:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.14 01:01:30 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2003.04.16 14:00:00 | 000,127,872 | ---- | M] (Microsoft Corporation) MD5=E8D2B5D5186A9B93D7019D7A74D77A1E -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 09:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
[2003.04.16 14:00:00 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B2666CAB5E8C8A741D63F18D551A47FB -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 09:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
[2003.04.16 14:00:00 | 000,101,376 | ---- | M] (Microsoft Corporation) MD5=F4D2C4AF666E0224E961AA744A1B47E3 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe

< MD5 for: SVCHOST.EXE >
[2003.04.16 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 09:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2003.04.16 14:00:00 | 000,332,928 | ---- | M] (Microsoft Corporation) MD5=244A2F9816BC9B593957281EF577D976 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.04.14 01:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2013.03.31 12:02:56 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=CBEEBEB899E31EF52B962CB31FC8CA5C -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 09:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2003.04.16 14:00:00 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B26871B5CE92F9D95AE6E62119799EB9 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 09:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2003.04.16 14:00:00 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=FF8857D1AF59071F172C0FAD0FD33E87 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\SoftwareDistribution\Download\a61dcfd7f1fe3a041bc138dc48cd562b\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a61dcfd7f1fe3a041bc138dc48cd562b\*.tmp -> ]
[1 C:\WINDOWS\temp\*.tmp files -> C:\WINDOWS\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.07.19 18:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\.expertlotto
[2011.08.25 21:33:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\3v
[2009.02.19 23:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\ACD Systems
[2011.11.07 16:24:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Adobe
[2010.02.11 10:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\AdobeUM
[2009.03.03 19:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Ashampoo
[2012.06.14 22:34:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Autodesk
[2013.05.19 21:43:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\AVG
[2013.05.15 17:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\AVG2013
[2013.05.25 13:10:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Azureus
[2013.05.25 13:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\BitTorrent
[2011.12.06 13:27:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\BlackBean
[2012.03.18 22:34:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Corel
[2011.12.29 23:56:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\CyberLink
[2009.07.29 18:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\CÍGLER SOFTWARE, a.s
[2012.02.04 10:50:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\DAEMON Tools Lite
[2012.08.31 21:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\DDMSettings
[2010.06.29 00:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\DivX
[2013.04.27 17:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\dp3d
[2012.12.22 02:01:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\dvdcss
[2011.03.23 09:49:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\EPSON
[2011.10.14 16:05:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\FastStone
[2011.03.24 17:40:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\FaxCtr
[2013.05.03 19:38:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Fuir
[2013.04.14 16:08:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Google
[2009.05.14 16:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Help
[2009.07.10 17:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\InstallShield
[2011.03.22 20:32:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\KillProcess
[2010.05.06 16:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\LangSoft
[2012.02.24 21:50:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Leadertech
[2011.03.23 18:13:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Lexmark Imaging Studio
[2011.05.27 19:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Logitech
[2011.03.22 19:54:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Macromedia
[2011.05.01 10:17:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Malwarebytes
[2012.12.28 18:59:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Media Player Classic
[2012.04.17 17:45:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Microsoft
[2012.04.29 01:23:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\mIRC
[2009.02.15 20:31:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Mozilla
[2011.08.13 20:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\MyHeritage
[2012.04.14 00:56:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\NCH Software
[2011.10.14 20:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\NCH Swift Sound
[2013.01.04 22:37:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Nokia
[2011.02.17 22:30:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\OpenOffice.org
[2012.07.28 11:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Oracle
[2013.03.29 13:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\PC Suite
[2012.06.21 21:51:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\progeSOFT
[2011.11.08 12:10:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Publish Providers
[2013.05.14 20:18:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Qayq
[2011.03.23 11:04:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Real
[2011.12.24 10:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Replay Media Catcher 4
[2012.08.31 16:23:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Samsung
[2012.01.27 17:42:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Skype
[2011.11.08 12:09:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Sony
[2012.12.15 04:50:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Sony Corporation
[2009.02.15 20:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Sun
[2011.11.05 20:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Sunbelt
[2010.07.07 17:56:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Thunderbird
[2011.06.11 07:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\TS3Client
[2013.05.15 17:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\TuneUp Software
[2013.05.13 20:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Ukty
[2013.05.27 12:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\uTorrent
[2012.02.09 16:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\VitySoft
[2013.04.26 23:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\vlc
[2012.03.28 19:56:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\wargaming.net
[2013.05.25 13:10:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Winamp
[2009.06.10 13:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\WinRAR
[2013.04.02 02:30:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\YouTube Downloader
[2011.10.28 19:48:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dharma\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2013.03.31 13:42:46 | 000,310,208 | ---- | M] (Georgia Institute of Technology) -- C:\Documents and Settings\dharma\Data aplikací\Azureus\plugins\mlab\ShaperProbeC.exe
[2013.03.31 23:40:08 | 001,119,568 | ---- | M] (BitTorrent Inc.) -- C:\Documents and Settings\dharma\Data aplikací\BitTorrent\BitTorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012.01.15 16:22:52 | 000,428,088 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.12.21 18:28:24 | 003,932,160 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.21 18:11:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\System32\config\security.sav
[2009.12.21 18:28:24 | 034,078,720 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.21 18:28:24 | 006,029,312 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.05.29 00:40:41 | 000,273,344 | ---- | M] () -- C:\WINDOWS\system32\nvdrsdb0.bin
[2013.05.29 00:40:43 | 000,273,344 | ---- | M] () -- C:\WINDOWS\system32\nvdrsdb1.bin
[2013.05.29 00:40:43 | 000,000,001 | ---- | M] () -- C:\WINDOWS\system32\nvdrssel.bin
[2013.05.29 23:48:16 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.05.25 13:27:51 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=95110A1C5A1D228AC1DDF6AB67D00BEB -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 15:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.29 23:59:25 | 000,000,512 | ---- | M] () MD5=797893B98CBCF3F268DDEE706325D747 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[1999.06.11 20:18:36 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Corel Graphics 11\Custom Data\Bumpmap\Cracks.cpt
[2002.01.30 18:31:34 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Corel Graphics 11\Custom Data\Canvas\cracks2c.pcx
[2002.01.30 19:15:39 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Corel Graphics 11\Custom Data\Tiles\CRACKS2M.CPT

< *keygen* /s >
[2010.04.24 09:02:36 | 000,000,458 | ---- | M] () -- \Program Files\Adobe\Adobe Help Center\AdobeHelpData\Cache\GoLive\8.0\en_US\binary\page\f_keygen.png

vojta.kuca.kucera

OTL.Txt 2. poslední část.

< *loader* /s >
[2012.11.10 00:22:57 | 000,000,545 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinDownloaderbltu.zip
[2009.04.14 23:19:15 | 000,003,208 | ---- | M] () -- \Documents and Settings\dharma\Dokumenty\Platby\SCIO\objedOdeslano.asp_soubory\loader.gif
[2008.09.09 21:27:16 | 000,000,544 | ---- | M] () -- \Documents and Settings\dharma\Local Settings\Data aplikací\Adobe\Flash CS4\cs\Configuration\Classes\FP7\MovieClipLoader.as
[2008.09.09 21:27:16 | 000,000,544 | ---- | M] () -- \Documents and Settings\dharma\Local Settings\Data aplikací\Adobe\Flash CS4\cs\Configuration\Classes\FP8\MovieClipLoader.as
[2008.09.09 21:27:16 | 000,000,576 | ---- | M] () -- \Documents and Settings\dharma\Local Settings\Data aplikací\Adobe\Flash CS4\cs\Configuration\Classes\FP9\MovieClipLoader.as
[2008.09.09 21:27:18 | 000,010,454 | ---- | M] () -- \Documents and Settings\dharma\Local Settings\Data aplikací\Adobe\Flash CS4\cs\Configuration\Classes\mx\controls\Loader.as
[2005.03.16 19:16:00 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2008.07.30 11:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2008.07.29 04:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2011.08.24 03:13:45 | 000,000,035 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\ComLoader.ini
[2011.08.25 07:13:36 | 000,124,200 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Common\Koan\pyloader.dll
[2011.08.24 03:13:34 | 000,002,830 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Customizations\Generic\Style\Cascade\Media\Standard\SlideBar\ProgressLoader.png
[2011.08.19 12:03:38 | 000,028,126 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PK\subsys\PyImpLoader\PyImpLoader.kc
[2011.08.19 12:03:38 | 000,120,104 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011.08.12 09:26:27 | 000,012,088 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2011.08.12 09:26:28 | 000,002,692 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cinema\Presentation\Common\D3D9Loader.kc
[2011.08.16 12:03:40 | 000,012,022 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Movie\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011.08.24 03:13:48 | 000,001,731 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\FlvLoader.swf
[2011.08.24 03:13:48 | 000,001,949 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\KernelCtrl\D3D9Loader.kc
[2011.08.24 03:13:49 | 000,056,487 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\System\KernelCtrl\ImageLoader2.kc
[2011.08.24 03:13:50 | 000,004,045 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Widget\langloader.kc
[2011.08.24 03:13:50 | 000,014,262 | ---- | M] () -- \Program Files\CyberLink\PowerDVD11\Widget\layoutloader.kc
[2003.04.11 15:45:42 | 000,348,160 | ---- | M] () -- \Program Files\GameSpy Arcade\Services\_common\PortraitLoader.dll
[2010.06.07 22:11:08 | 000,006,262 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.02.17 22:13:06 | 000,021,504 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 22:19:10 | 000,000,171 | ---- | M] () -- \Program Files\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.02.17 22:13:35 | 000,029,184 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 17:21:40 | 000,003,874 | ---- | M] () -- \Program Files\OpenOffice.org 3\URE\java\unoloader.jar
[2013.02.13 17:24:20 | 000,069,120 | ---- | M] () -- \Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2002.12.12 01:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.14 01:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 01:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 09:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2009.08.14 14:36:18 | 000,070,936 | ---- | M] () -- \WINDOWS\system32\PhysXLoader.dll
[2008.09.25 21:44:58 | 000,004,178 | ---- | M] () -- \WINDOWS\system32\tnczsporicobrazovky_loader.gif
[2013.03.15 07:17:34 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2002.12.12 01:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
[2010.08.18 08:02:24 | 000,009,622 | ---- | M] () -- \WINDOWS\system32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8

< End of report >

#23 Příspěvek od **vyosek** » 01 čer 2013 19:59

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - File not found [Kernel | Boot | Stopped] -- system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ssudmdm.sys -- (ssudmdm)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (rtl8139)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ssudbus.sys -- (dg_ssudbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\dharma\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{1CB3780C-AC35-481F-8B8A-F753031F77B6}: "URL" = http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms}
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{570296C6-F24E-422D-978A-10ABDC4AA463}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{66014F97-487E-4BF2-A174-4623EA179FD8}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..\SearchScopes\search13: "URL" = http://search13.net/search.php?q={searchTerms}
FF - prefs.js..network.proxy.backup.ftp: "75.127.4.217"
FF - prefs.js..network.proxy.backup.ftp_port: 3128
FF - prefs.js..network.proxy.backup.socks: "75.127.4.217"
FF - prefs.js..network.proxy.backup.socks_port: 3128
FF - prefs.js..network.proxy.backup.ssl: "75.127.4.217"
FF - prefs.js..network.proxy.backup.ssl_port: 3128
FF - prefs.js..network.proxy.ftp: "75.127.4.217"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "75.127.4.217"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "75.127.4.217"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "75.127.4.217"
FF - prefs.js..network.proxy.ssl_port: 3128
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - Reg Error: Key error. File not found
O15 - HKU\S-1-5-21-842925246-1580436667-1060284298-1003\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/DriverDow ... rtScan.cab (Reg Error: Key error.)
[2009.10.06 22:21:50 | 000,004,981 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

vojta.kuca.kucera

Log z otl

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service TfSysMon stopped successfully!
Service TfSysMon deleted successfully!
File system32\drivers\TfSysMon.sys not found.
Service TfFsMon stopped successfully!
Service TfFsMon deleted successfully!
File system32\drivers\TfFsMon.sys not found.
Service ssudmdm stopped successfully!
Service ssudmdm deleted successfully!
File system32\DRIVERS\ssudmdm.sys not found.
Service SBRE stopped successfully!
Service SBRE deleted successfully!
File C:\WINDOWS\system32\drivers\SBREdrv.sys not found.
Service rtl8139 stopped successfully!
Service rtl8139 deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service mcdbus stopped successfully!
Service mcdbus deleted successfully!
File system32\DRIVERS\mcdbus.sys not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
File C:\WINDOWS\system32\drivers\EagleNT.sys not found.
Service dg_ssudbus stopped successfully!
Service dg_ssudbus deleted successfully!
File system32\DRIVERS\ssudbus.sys not found.
Service CrystalSysInfo stopped successfully!
Service CrystalSysInfo deleted successfully!
File C:\Program Files\MediaCoder\SysInfo.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\DOCUME~1\dharma\LOCALS~1\Temp\catchme.sys not found.
Service adfs stopped successfully!
Service adfs deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1CB3780C-AC35-481F-8B8A-F753031F77B6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB3780C-AC35-481F-8B8A-F753031F77B6}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{570296C6-F24E-422D-978A-10ABDC4AA463}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{570296C6-F24E-422D-978A-10ABDC4AA463}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{66014F97-487E-4BF2-A174-4623EA179FD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66014F97-487E-4BF2-A174-4623EA179FD8}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Prefs.js: "75.127.4.217" removed from network.proxy.backup.ftp
Prefs.js: 3128 removed from network.proxy.backup.ftp_port
Prefs.js: "75.127.4.217" removed from network.proxy.backup.socks
Prefs.js: 3128 removed from network.proxy.backup.socks_port
Prefs.js: "75.127.4.217" removed from network.proxy.backup.ssl
Prefs.js: 3128 removed from network.proxy.backup.ssl_port
Prefs.js: "75.127.4.217" removed from network.proxy.ftp
Prefs.js: 3128 removed from network.proxy.ftp_port
Prefs.js: "75.127.4.217" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "" removed from network.proxy.no_proxies_on
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "75.127.4.217" removed from network.proxy.socks
Prefs.js: 3128 removed from network.proxy.socks_port
Prefs.js: "75.127.4.217" removed from network.proxy.ssl
Prefs.js: 3128 removed from network.proxy.ssl_port
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E6A20FB-153F-402c-A84B-1A64E1955D3D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748449}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748450}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748451}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC963627-B1DC-40E0-B52A-CF21EE748452}\ not found.
Registry value HKEY_USERS\S-1-5-21-842925246-1580436667-1060284298-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1979\\http deleted successfully.
Starting removal of ActiveX control {74DBCB52-F298-4110-951D-AD2FF67BC8AB}
C:\WINDOWS\Downloaded Program Files\NvidiaSmartScan.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74DBCB52-F298-4110-951D-AD2FF67BC8AB}\ not found.
C:\Documents and Settings\All Users\Data aplikací\mtbjfghn.xbe moved successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:A8ADE5D8 deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.DHARMA-A14GPJLV
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Administrator.DHARMA-A14GPJLV.000
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Administrator.DHARMA-A14GPJLV.001
->Temp folder emptied: 327680 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Administrator.DHARMA-A14GPJLV.002
->Temp folder emptied: 704512 bytes
->Temporary Internet Files folder emptied: 95859 bytes
->FireFox cache emptied: 941086 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: dharma
->Temp folder emptied: 11455568 bytes
->Temporary Internet Files folder emptied: 229778 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 384071365 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 4370 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 289771 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 4283419706 bytes

Total Files Cleaned = 4 465,00 mb

[EMPTYFLASH]

User: Administrator

User: Administrator.DHARMA-A14GPJLV

User: Administrator.DHARMA-A14GPJLV.000

User: Administrator.DHARMA-A14GPJLV.001

User: Administrator.DHARMA-A14GPJLV.002

User: All Users

User: Default User

User: dharma
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Administrator

User: Administrator.DHARMA-A14GPJLV

User: Administrator.DHARMA-A14GPJLV.000

User: Administrator.DHARMA-A14GPJLV.001

User: Administrator.DHARMA-A14GPJLV.002

User: All Users

User: Default User

User: dharma
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 06022013_121640

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#25 Příspěvek od **vyosek** » 04 čer 2013 08:02

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř

Re: Prosím o kontrolu. Napadení virem Polcie cř