
Re: log check --vyosek

Posted: 01 Feb 2013 13:43
by rasty
Hi,
after cleaning the PC on 30.1.2013 it is better, but after startup I get a message that Virus Definition Daemon has encountered an error and must be closed.
What should I do about it?

Re: Re: log check --vyosek

Posted: 01 Feb 2013 19:34
by vyosek
Hello :)

Please post a screenshot of that message here, so that I know exactly what it is about and what produces it.

Re: Re: log check --vyosek

Posted: 02 Feb 2013 13:19
by rasty

Re: Re: log check --vyosek

Posted: 02 Feb 2013 19:14
by vyosek
OK, please post the RSIT log.

Re: Re: log check --vyosek

Posted: 03 Feb 2013 10:43
by rasty
Logfile of random's system information tool 1.06 (written by random/random)
Run by Katka at 2013-02-03 11:23:00
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 23 GB (44%) free of 52 GB
Total RAM: 511 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:23:17, on 3.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Restore Desktop\RestoreDesktop.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Katka\Plocha\RSIT.exe
C:\Program Files\trend micro\Katka.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RestoreDesktop] C:\Program Files\Restore Desktop\RestoreDesktop.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8833345290
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 8833632614
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 8430 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-06-27 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-25 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-25 170416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-10-26 4632576]
"nwiz"=nwiz.exe /installquiet []
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-23 2615624]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-23 906648]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2006-11-01 1392640]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RestoreDesktop"=C:\Program Files\Restore Desktop\RestoreDesktop.exe [2003-03-11 45056]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RestoreDesktop]
C:\Program Files\Restore Desktop\RestoreDesktop.exe [2003-03-11 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile Communication Centre]
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2012-08-22 1368768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2007-12-18 43304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Documents and Settings\Katka\Local Settings\Temp\7zS14.tmp\SymNRT.exe"="C:\Documents and Settings\Katka\Local Settings\Temp\7zS14.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62ac3896-2e1f-11e1-bd32-000b7d0e8863}]
shell\AutoRun\command - D:\PcOptions.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62ac389a-2e1f-11e1-bd32-000b7d0e8863}]
shell\AutoRun\command - D:\PcOptions.exe


======List of files/folders created in the last 1 months======

2013-02-03 11:23:02 ----D---- C:\Program Files\trend micro
2013-02-03 10:30:58 ----D---- C:\rsit
2013-02-02 13:10:00 ----D---- C:\Program Files\IrfanView
2013-01-26 12:48:15 ----D---- C:\Documents and Settings\Katka\Data aplikací\Malwarebytes
2013-01-26 12:47:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-01-21 21:30:45 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2013-01-21 18:27:58 ----D---- C:\WINDOWS\system32\Adobe
2013-01-21 08:26:08 ----D---- C:\Program Files\Rigips
2013-01-20 10:05:30 ----D---- C:\Documents and Settings\Katka\Data aplikací\Acronis
2013-01-13 10:31:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\RealNetworks
2013-01-12 11:54:23 ----D---- C:\Documents and Settings\Katka\Data aplikací\Mozilla-Cache
2013-01-12 11:52:31 ----D---- C:\Documents and Settings\Katka\Data aplikací\Party
2013-01-12 11:45:15 ----D---- C:\Program Files\PartyGaming
2013-01-09 16:25:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$

======List of files/folders modified in the last 1 months======

2013-02-03 11:23:02 ----RD---- C:\Program Files
2013-02-03 11:17:08 ----D---- C:\WINDOWS\Prefetch
2013-02-03 11:06:18 ----D---- C:\WINDOWS\Temp
2013-02-03 10:58:30 ----D---- C:\WINDOWS
2013-02-03 10:56:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-03 10:55:03 ----D---- C:\WINDOWS\system32\drivers
2013-02-03 00:17:41 ----D---- C:\Program Files\PokerStars
2013-02-02 15:54:00 ----SD---- C:\WINDOWS\Tasks
2013-02-01 14:19:29 ----SHD---- C:\WINDOWS\Installer
2013-02-01 14:19:28 ----SHD---- C:\Config.Msi
2013-02-01 14:19:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-02-01 13:58:50 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-02-01 13:58:35 ----D---- C:\WINDOWS\system32
2013-01-30 18:34:27 ----D---- C:\Program Files\Winamp
2013-01-30 18:34:27 ----D---- C:\Documents and Settings\Katka\Data aplikací\Media Player Classic
2013-01-30 17:57:49 ----SHD---- C:\System Volume Information
2013-01-30 17:57:49 ----D---- C:\WINDOWS\system32\Restore
2013-01-29 21:26:51 ----D---- C:\Program Files\Common Files
2013-01-29 19:37:55 ----D---- C:\Program Files\The KMPlayer
2013-01-28 20:58:43 ----D---- C:\Program Files\BOSSAFX
2013-01-27 22:19:54 ----D---- C:\WINDOWS\system32\CatRoot2
2013-01-22 20:22:26 ----SD---- C:\Documents and Settings\Katka\Data aplikací\Microsoft
2013-01-21 11:25:46 ----D---- C:\Program Files\Full Tilt Poker
2013-01-19 18:11:42 ----HD---- C:\WINDOWS\inf
2013-01-15 16:07:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-01-15 16:07:12 ----D---- C:\WINDOWS\ie8updates
2013-01-15 16:06:49 ----D---- C:\WINDOWS\system32\CatRoot
2013-01-15 16:05:03 ----HD---- C:\WINDOWS\$hf_mig$
2013-01-14 12:36:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-01-13 10:37:30 ----D---- C:\WINDOWS\Debug
2013-01-13 10:37:29 ----D---- C:\WINDOWS\Minidump
2013-01-13 10:29:00 ----D---- C:\Program Files\Real
2013-01-13 10:27:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-01-12 19:56:36 ----RASH---- C:\boot.ini
2013-01-12 19:56:36 ----A---- C:\WINDOWS\win.ini
2013-01-12 19:56:36 ----A---- C:\WINDOWS\system.ini
2013-01-12 19:56:35 ----D---- C:\WINDOWS\pss
2013-01-12 11:51:51 ----D---- C:\Program Files\Mozilla Firefox
2013-01-11 09:18:45 ----D---- C:\WINDOWS\Microsoft.NET
2013-01-11 00:52:05 ----RSD---- C:\WINDOWS\assembly
2013-01-09 17:48:21 ----D---- C:\WINDOWS\WinSxS
2013-01-09 16:03:07 ----A---- C:\WINDOWS\system32\MRT.exe
2013-01-08 23:46:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-01-06 06:33:55 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2011-06-23 44384]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2011-10-26 237096]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 GTICARD;GTICARD; C:\WINDOWS\system32\DRIVERS\gticard.sys [2003-10-23 76160]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.SYS [2005-05-03 1033728]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-05-03 208384]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-10-26 2830688]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2004-11-15 264440]
R3 tiumfwl;tiumfwl; C:\WINDOWS\system32\drivers\tiumfwl.sys [2003-08-29 52080]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-05-03 705408]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys []
S3 .neostsr2;.neostsr2; C:\WINDOWS\system32\drivers\b57xp32.sys [2011-10-26 237096]
S3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-10-12 604928]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2008-04-14 25600]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-16 5888]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\WINDOWS\system32\DRIVERS\s125bus.sys [2007-04-24 83336]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s125mdfl.sys [2007-04-24 15112]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s125mdm.sys [2007-04-24 108680]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smhwdev;SmartPhone dummy USB PNP Device (Normal); C:\WINDOWS\system32\DRIVERS\smhwdev.sys [2010-01-14 100864]
S3 smhwser;USB Device for Legacy Serial Communication (Normal); C:\WINDOWS\system32\DRIVERS\smhwser.sys [2010-02-04 108032]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 427288]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-08-22 123320]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-12-25 170408]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-10-26 127044]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2006-11-01 20480]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2007-12-18 31016]
S2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2007-12-18 1834792]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2007-12-18 119592]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2011-06-23 355584]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Re: log check --vyosek

Posted: 03 Feb 2013 19:05
by vyosek
Take a look in CCleaner - Tools tab - Uninstall - to see whether that little program is mentioned there; in my opinion it is completely unnecessary.

Re: Re: log check --vyosek

Posted: 04 Feb 2013 17:48
by rasty
I did not find it anywhere. It belonged to Symantec AntiVirus, which I uninstalled because it kept bothering me and was heavy on the processor.

Re: Re: log check --vyosek

Posted: 04 Feb 2013 22:33
by vyosek
Try running this tool as well: ftp://ftp.symantec.com/public/english_u ... l_Tool.exe

Re: Re: log check --vyosek

Posted: 08 Mar 2013 12:44
by rasty
I have already tried that and there was no change.

Re: Re: log check --vyosek

Posted: 08 Mar 2013 17:49
by vyosek
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you are using a 64-bit OS, check whether the box "For 64-bit OS" is ticked; if not, tick it
  • Tick the box "For all users"
  • Tick the box Check for "LOP" malware
  • Tick the box Check for "Purity" malware
  • Change the file age from 30 days to 7 days
  • Paste the script below into the bottom box "Custom scans/fixes"

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Scan button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; post both of them here
  • If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts

Re: Re: log check --vyosek

Posted: 08 Mar 2013 22:23
by rasty
OTL Extras logfile created on: 8.3.2013 19:54:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Katka\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,23 Mb Total Physical Memory | 234,91 Mb Available Physical Memory | 45,95% Memory free
1,29 Gb Paging File | 0,83 Gb Available in Paging File | 64,51% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,86 Gb Total Space | 5,41 Gb Free Space | 10,64% Space Free | Partition Type: NTFS

Computer Name: ADMIN-764ABB8FF | User Name: Katka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3551075490-358186679-3239478339-1005\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Documents and Settings\Katka\Local Settings\Temp\7zS14.tmp\SymNRT.exe" = C:\Documents and Settings\Katka\Local Settings\Temp\7zS14.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Documents and Settings\Katka\Local Settings\Temp\7zS6.tmp\SymNRT.exe" = C:\Documents and Settings\Katka\Local Settings\Temp\7zS6.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1" = System Explorer 4.0.0
"{47EA4DDF-FD99-46B3-846C-9F3F315268AD}" = ICM Trainer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ABC1F75-7060-4BAE-9972-F2DCBF1D5F1F}" = CardBus
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{7CB9546E-BF2C-47DE-9DB4-C4364FBE57EC}" = Broadcom Wireless LAN Driver 4.100.15.7_Negative_Foxconn
"{7CFCAE20-D462-4AE2-B3BB-2DA00AD3C550}" = PRO100
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{86D09F48-CDAB-4B4C-8806-F6C16F17935A}" = PokerStrategy.com Equilab
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0017-0405-0000-0000000FF1CE}_OMUI.cs-cz_{13E6D9FD-5FE8-43A6-9874-515A50909DEF}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.cs-cz_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.cs-cz_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_OMUI.cs-cz_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Czech
"{AC853A11-2047-4AAE-9EF1-9084C5B35926}" = KalkulacniProgram
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis True Image Home
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"0429C83BF3D339C1124123DE7C09E7270401CD2F" = Balíček ovladače systému Windows - Sony Ericsson (s0016obex) Ports (04/24/2008 4.44.2.0)
"08E697F4E31A9ACFCBC25036CB330BA3395DDDCF" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/23/2007 1.0)
"0D41E334593358704ECFD9DF4A74E3F4B3D1FA1D" = Balíček ovladače systému Windows - Sony Ericsson (s115obex) Ports (04/23/2007 4.40.2.1)
"109D031BEF45E240AD9683FCD5C54D934FAA9318" = Balíček ovladače systému Windows - Sony Ericsson (s115bus) USB (04/23/2007 4.40.2.1)
"11D3A85AC16C73BEEBFEB2985C128C86EBA49D04" = Balíček ovladače systému Windows - Sony Ericsson (WinUSB) sa0101UsbDeviceClass (04/30/2010 2.0.0010.000022)
"11DA4A8491815FB5F635964419DF31008F803361" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB WPD (10/28/2009 1.0.5.1)
"135BA876F1731B81FED3C1FF03D3AC95795EE2F3" = Balíček ovladače systému Windows - Sony Ericsson Net (02/23/2011 6.0.6000.16489)
"16EDC03E692BE65607F19D23D9B29D14AC915B68" = Balíček ovladače systému Windows - Sony Ericsson (s0016mdm) Modem (04/24/2008 4.44.2.0)
"17204220872ED111F51F90FAB365F56414167791" = Balíček ovladače systému Windows - Sony Ericsson (s1029mgmt) Ports (05/20/2009 4.50.7.1)
"17D02EE7FF8F690E06CF9A7708F544AB0D4180D0" = Balíček ovladače systému Windows - Sony Ericsson (s1018mdm) Modem (03/19/2009 4.50.3.8)
"19D6155C7C034672471655447FAE7AD0B9D1734F" = Balíček ovladače systému Windows - Sony Ericsson (s0016mgmt) Ports (04/24/2008 4.44.2.0)
"1D334EB7332F440A6028CDF56FBE885997E59AFF" = Balíček ovladače systému Windows - Sony Ericsson (se3emgmt) Ports (04/10/2007 4.40.2.0)
"21A72D111CB856F48E8553B4A88146C2BC54A56E" = Balíček ovladače systému Windows - Sony Ericsson (s0017mgmt) Ports (10/01/2008 4.50.3.0)
"24546D57DA8218560E59BF3347D1351FDEBB50B7" = Balíček ovladače systému Windows - Sony Ericsson (s1039nd5) Net (03/05/2010 5.02.0.2)
"262CB07C47460C8CEC34D6ECDCE2976E9AFF7229" = Balíček ovladače systému Windows - Sony Ericsson (s1029nd5) Net (05/20/2009 4.50.7.1)
"26DB22792BE9F17888E8A0D8584AF75CFF65475C" = Balíček ovladače systému Windows - Sony Ericsson (s1029bus) USB (05/20/2009 4.50.7.1)
"2DF1AB6122F363FFE09B7CC93FE1CD90FFFBF5B3" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/24/2007 1.1)
"2F93E6B0EC1639D421A9CCD8C06539D70A2C9D8D" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Ports (12/26/2007 4.40.6.0)
"3038F810531A3119D8408813AB675523F4BD5634" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Ports (12/26/2007 4.40.6.0)
"39CC6A9E9ECD57BCA435834B68588E59D4D1262E" = Balíček ovladače systému Windows - Sony Ericsson (se3ebus) USB (04/10/2007 4.40.2.0)
"39E83E1A16EC99A3551A9B7EE249E49CF43461B8" = Balíček ovladače systému Windows - Sony Ericsson Image (03/15/2010 1.0.1039.4)
"3B65F5281FAC2BDEC493E64B8E5BDC43DE0B94A6" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdmc) USB (12/26/2007 4.40.6.0)
"3C49648B12294915EBBBCB55F616F7A041FC1D18" = Balíček ovladače systému Windows - Sony Ericsson (s1039unic) USB (03/05/2010 5.02.0.2)
"3E15961F36095296129AD680597BCB32B73995AB" = Balíček ovladače systému Windows - Sony Ericsson (se3emdm) Modem (04/10/2007 4.40.2.0)
"4289980582B5E07F22B397BAD84B50FCA3917D22" = Balíček ovladače systému Windows - Sony Ericsson (s1018obex) Ports (03/19/2009 4.50.3.8)
"46250DAA3D263C8EEFA78F621BF514BFD19C225B" = Balíček ovladače systému Windows - Sony Ericsson Image (05/05/2008 1.0.0.0017)
"47A204C691C402BC5056438578C6E18BC3AE7437" = Balíček ovladače systému Windows - Sony Ericsson (s0017nd5) Net (10/01/2008 4.50.3.0)
"4ABA4C9DACE36B9B4789403BF98691A1C4BAAEA7" = Balíček ovladače systému Windows - Sony Ericsson (s115mdm) Modem (04/23/2007 4.40.2.1)
"54EA2ABFB38AEA1D8808B8D08E68201B9FDB025A" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrmdm) Modem (12/26/2007 4.40.6.0)
"57D40D26ECB043E4AD3C09AE0476B797343DA9BC" = Balíček ovladače systému Windows - Sony Ericsson (s0017bus) USB (10/01/2008 4.50.3.0)
"59A2AFF064B823BE53673BEE04D1F520823F56F5" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrobex) Ports (12/26/2007 4.40.6.0)
"6166182E0807B1F61A8C501DFE6EA4E5DFF5295F" = Balíček ovladače systému Windows - Sony Ericsson (WinUSB) sa0102AdbDeviceClass (02/23/2011 2.0.0010.20021)
"689DD8E590BF4B776FBA3A5E38FD2F9A23FB0824" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/24/2007 1.1)
"709135B1DA9E308D1513FCD2EB36A6A8C8CD7CD0" = Balíček ovladače systému Windows - Sony Ericsson (s916mgmt) Ports (09/05/2007 4.40.8.1)
"7D74DC13D399488BE61FE2D0C92555961BE47BEE" = Balíček ovladače systému Windows - Sony Ericsson (s916mdm) Modem (09/05/2007 4.40.8.1)
"81F81A8A63F4CC87AE4982DB853BC382E55C1A4C" = Balíček ovladače systému Windows - Sony Ericsson (s1018unic) USB (03/19/2009 4.50.3.8)
"8D269E962B10AF71808080CF7F33CC94772B1446" = Balíček ovladače systému Windows - Sony Ericsson (s0016unic) USB (04/24/2008 4.44.2.0)
"9242EC6DBC52A93FDA84B5FE2B02653CEA3D98AE" = Balíček ovladače systému Windows - Sony Ericsson (s1039mdm) Modem (03/05/2010 5.02.0.2)
"96AED80AC6A53E68E8699AB48F8AF24C84C7615C" = Balíček ovladače systému Windows - Sony Ericsson Image (05/25/2009 1.0.1029.2)
"9704611892F6B3DCE7AB27CBFDC9246859044BD3" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (usbser) Ports (10/28/2009 1.0.5.1)
"9D436EB62113A1B8D4005A5FF7972FA212310015" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (03/26/2007 1.0)
"A48268F8402FB24EA6170A60F5983FB76490F8AA" = Balíček ovladače systému Windows - Sony Ericsson (s1029mdm) Modem (05/20/2009 4.50.7.1)
"A50817ADD6FCBB0F8698362990089F725794BF68" = Balíček ovladače systému Windows - Sony Ericsson (s916obex) Ports (09/05/2007 4.40.8.1)
"AA95F906B038B74C48CE136D1E4807F7CAC19AE4" = Balíček ovladače systému Windows - Sony Ericsson (s1039obex) Ports (03/05/2010 5.02.0.2)
"AAA1C5FD85F0DB2A12BC54F4F54474B941E09678" = Balíček ovladače systému Windows - Sony Ericsson (s1029obex) Ports (05/20/2009 4.50.7.1)
"ADA4E68BF676A857D1E0709BB35F7F6429668027" = Balíček ovladače systému Windows - Sony Ericsson (s1039mgmt) Ports (03/05/2010 5.02.0.2)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AFCC6BDFC2FB2718653394000206D98BECAAC196" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrbus) USB (12/26/2007 4.40.6.0)
"AudioShell_is1" = AudioShell 1.3.5
"avast" = avast! Free Antivirus
"B2266955B3401017D8B83D9CAF4EB5EB9F4D0897" = Balíček ovladače systému Windows - Sony Ericsson (s0016nd5) Net (04/24/2008 4.44.2.0)
"B435435D376F485661EFD193425286C49D67E5C3" = Balíček ovladače systému Windows - Sony Ericsson (s1029unic) USB (05/20/2009 4.50.7.1)
"BB70AAAEA6B28AAD780824FAD3581FD3B7C40EC6" = Balíček ovladače systému Windows - Sony Ericsson (s125mdm) Modem (04/24/2007 4.40.2.0)
"BE4863572DB309FF278A84708BBD66E3E249030E" = Balíček ovladače systému Windows - Sony Ericsson (s115mgmt) Ports (04/23/2007 4.40.2.1)
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"C1C66E8B6A1F5FEA6A4BD682014FA9E74B9B3D21" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrceb) System (12/26/2007 4.40.6.0)
"C9679607CAD739A6F2468D9FA3B23E6825535AE9" = Balíček ovladače systému Windows - Sony Ericsson (se3eobex) Ports (04/10/2007 4.40.2.0)
"CA03B33EE331A54BD1E0401C924B76C6BE073CE5" = Balíček ovladače systému Windows - Sony Ericsson Image (03/25/2009 1.0.1018.7)
"CA4B4019807155E4031A3E9EA29D8D3B29E9AED3" = Balíček ovladače systému Windows - Sony Ericsson (s1039bus) USB (03/05/2010 5.02.0.2)
"CCleaner" = CCleaner
"CF7C7CDF0D9B1E9060AF7ACF8799ECAA751939EF" = Balíček ovladače systému Windows - Sony Ericsson (s0017mdm) Modem (10/01/2008 4.50.3.0)
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D480 MDC V.92 Modem
"DBDCD462675537E6100CD8C8CF596F8719E36722" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB Image (10/28/2009 1.0.5.1)
"DE0847AF689430C84177751A3AB96DCE27768B4D" = Balíček ovladače systému Windows - Sony Ericsson (s916bus) USB (09/05/2007 4.40.8.1)
"DE63012B1E5F3E285AE7085001B9FAA11C715ABC" = Balíček ovladače systému Windows - Sony Ericsson (s1018mgmt) Ports (03/19/2009 4.50.3.8)
"E14B5972CD0723A804C5C1A7E57034DDBB36BF91" = Balíček ovladače systému Windows - Sony Ericsson (s125obex) Ports (04/24/2007 4.40.2.0)
"E4B0822B08012168DF40F5D97B91A18C81F791F2" = Balíček ovladače systému Windows - Sony Ericsson (s0017obex) Ports (10/01/2008 4.50.3.0)
"E505647D47DAF2622883E65DD8BF04C393FDCDCB" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB USB (12/26/2007 4.40.6.0)
"E797F532099E0E303F01468443198C5B5CABBDD5" = Balíček ovladače systému Windows - Sony Ericsson (s1018nd5) Net (03/19/2009 4.50.3.8)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"F33D7CFC00F5F23AB61B26F60D76965B226EB223" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (zebrsce) Ports (12/26/2007 4.40.6.0)
"F4268692E420234745EDD92C0DC1C84D4C2066FC" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications AB (usbser) Modem (10/28/2009 1.0.5.1)
"FCCEA9CB401AFFF1FD9C03E20273628B00BCF2C2" = Balíček ovladače systému Windows - Sony Ericsson (s1018bus) USB (03/19/2009 4.50.3.8)
"FE8F10E0347BEDB8A4A80D75F52B12DF0EE97938" = Balíček ovladače systému Windows - Sony Ericsson (s125bus) USB (04/24/2007 4.40.2.0)
"FF230A83312D8BE69110F99FCD33E0F71378A140" = Balíček ovladače systému Windows - Sony Ericsson Mobile Communications Modem (05/29/2007 1.2)
"FFE433FB002FF1581FDC39452713A90091DA0306" = Balíček ovladače systému Windows - Sony Ericsson (s0017unic) USB (10/01/2008 4.50.3.0)
"FFE7AE445D5E541BA859B545F9A436F387D79A9E" = Balíček ovladače systému Windows - Sony Ericsson (s125mgmt) Ports (04/24/2007 4.40.2.0)
"FormatFactory" = FormatFactory 2.60
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{4ABC1F75-7060-4BAE-9972-F2DCBF1D5F1F}" = PCI 7510 CardBus Controller with SmartCard and Software
"IrfanView" = IrfanView (remove only)
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.5.1 (Full)
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 5.0 (x86 cs)" = Mozilla Firefox 5.0 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Enterprise Edition
"NVIDIA Drivers" = NVIDIA Drivers
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"PartyPoker" = PartyPoker
"PhotoScape" = PhotoScape
"Plus500" = Plus500
"Poker 770" = Poker 770
"Poker Calculator Pro" = Poker Calculator Pro
"PokerStars" = PokerStars
"PokerTracker4" = PokerTracker 4 (remove only)
"PostgreSQL 9.0" = PostgreSQL 9.0
"PowerArchiver" = PowerArchiver
"Restore Desktop" = Restore Desktop (remove only)
"Seven Remix XP" = Seven Remix XP 2.4
"SitNGoWizard" = SitNGo Wizard
"SubtitleWorkshop" = Subtitle Workshop 2.51
"T-Mobile Communication Centre" = Web'n'walk Manager
"Tournament Shark" = Tournament Shark
"Unlocker" = Unlocker 1.8.7
"VobSub" = VobSub 2.23
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3551075490-358186679-3239478339-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JoinMe" = join.me
"PhotoFiltre" = PhotoFiltre

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.11.2012 15:13:23 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1000
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 19.11.2012 15:18:03 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1004
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 20.11.2012 16:29:27 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1000
Description = Chybující aplikace pokerstars.exe, verze 6.3.9.2, chybující modul
ntdll.dll, verze 5.1.2600.6055, adresa chyby 0x00012905.

Error - 23.11.2012 11:35:44 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1000
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 23.11.2012 11:55:59 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1004
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 25.11.2012 3:22:47 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1000
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 30.11.2012 14:37:26 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1000
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 5.12.2012 17:34:10 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1004
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 8.12.2012 2:09:33 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1000
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

Error - 8.12.2012 2:12:08 | Computer Name = ADMIN-764ABB8FF | Source = Application Error | ID = 1004
Description = Chybující aplikace DefWatch.exe, verze 10.1.7.7000, chybující modul
kernel32.dll, verze 5.1.2600.5781, adresa chyby 0x00012afb.

[ SitNGoWizard Events ]
Error - 28.12.2012 5:55:30 | Computer Name = ADMIN-764ABB8FF | Source = SitNGoWizard | ID = 1
Description = Index je mimo rozsah. Index musí být nezáporný a musí být menší než
velikost kolekce. Název parametru: index

Error - 28.12.2012 5:55:31 | Computer Name = ADMIN-764ABB8FF | Source = SitNGoWizard | ID = 1
Description = v System.Collections.ArrayList.get_Item(Int32 index) v SitNGoWizard.NewGameForm.EditAction(Int32
rowIndex, Point location) v SitNGoWizard.NewGameForm.dataGridViewPlayers_CellMouseClick(Object
sender, DataGridViewCellMouseEventArgs e) v System.Windows.Forms.DataGridView.OnCellMouseClick(DataGridViewCellMouseEventArgs
e) v System.Windows.Forms.DataGridView.OnMouseClick(MouseEventArgs e) v System.Windows.Forms.Control.WmMouseUp(Message&
m, MouseButtons button, Int32 clicks) v System.Windows.Forms.Control.WndProc(Message&
m) v System.Windows.Forms.DataGridView.WndProc(Message& m) v System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message&
m) v System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m) v
System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam,
IntPtr lparam)

Error - 28.12.2012 5:55:37 | Computer Name = ADMIN-764ABB8FF | Source = SitNGoWizard | ID = 1
Description = Index je mimo rozsah. Index musí být nezáporný a musí být menší než
velikost kolekce. Název parametru: index

[ System Events ]
Error - 7.3.2013 7:26:24 | Computer Name = ADMIN-764ABB8FF | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 7.3.2013 9:00:45 | Computer Name = ADMIN-764ABB8FF | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 7.3.2013 13:19:58 | Computer Name = ADMIN-764ABB8FF | Source = Service Control Manager | ID = 7000
Description = Služba DefragFS neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 7.3.2013 13:20:10 | Computer Name = ADMIN-764ABB8FF | Source = Service Control Manager | ID = 7034
Description = Služba Symantec AntiVirus Definition Watcher byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 7.3.2013 13:37:59 | Computer Name = ADMIN-764ABB8FF | Source = Service Control Manager | ID = 7034
Description = Služba Služba Google Update (gupdate) byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 7.3.2013 15:59:19 | Computer Name = ADMIN-764ABB8FF | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 8.3.2013 2:28:28 | Computer Name = ADMIN-764ABB8FF | Source = Service Control Manager | ID = 7000
Description = Služba DefragFS neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 8.3.2013 2:28:29 | Computer Name = ADMIN-764ABB8FF | Source = Service Control Manager | ID = 7034
Description = Služba Symantec AntiVirus Definition Watcher byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 8.3.2013 2:28:59 | Computer Name = ADMIN-764ABB8FF | Source = DCOM | ID = 10010
Description = Server {4EB61BAC-A3B6-4760-9581-655041EF4D69} se v daném časovém limitu
neregistroval u služby DCOM.

Error - 8.3.2013 15:39:32 | Computer Name = ADMIN-764ABB8FF | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1058 při pokusu o spuštění služby upnphost
s argumenty za účelem spuštění serveru: {204810B9-73B2-11D4-BF42-00B0D0118B56}


< End of report >

Re: Re: log check --vyosek

Posted: 09 Mar 2013 07:36
by vyosek
I'll also ask for the OTL.txt log, please

Re: Re: log check --vyosek

Posted: 09 Mar 2013 11:57
by rasty
OTL logfile created on: 8.3.2013 19:54:28 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Katka\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

511,23 Mb Total Physical Memory | 234,91 Mb Available Physical Memory | 45,95% Memory free
1,29 Gb Paging File | 0,83 Gb Available in Paging File | 64,51% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50,86 Gb Total Space | 5,41 Gb Free Space | 10,64% Space Free | Partition Type: NTFS

Computer Name: ADMIN-764ABB8FF | User Name: Katka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.03.08 19:48:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Katka\Plocha\OTL.exe
PRC - [2013.03.06 15:28:51 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.02.28 09:36:01 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.02.28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.09.20 07:39:37 | 000,095,232 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe
PRC - [2012.09.20 07:35:53 | 004,926,976 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files\PostgreSQL\9.0\bin\postgres.exe
PRC - [2012.08.22 15:59:57 | 000,123,320 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
PRC - [2008.04.14 07:52:24 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.23 18:41:36 | 000,495,832 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007.10.23 16:58:18 | 000,906,648 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007.10.23 15:10:50 | 000,140,568 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007.10.23 15:10:38 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2007.10.23 15:05:10 | 002,615,624 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2003.03.11 09:52:16 | 000,045,056 | ---- | M] (Kanex Group, Inc.) -- C:\Program Files\Restore Desktop\RestoreDesktop.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.08 13:04:11 | 002,065,920 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13030800\algo.dll
MOD - [2008.05.02 05:15:37 | 000,010,240 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2007.10.23 18:41:36 | 000,495,832 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
MOD - [2007.10.23 13:05:08 | 001,332,504 | ---- | M] () -- C:\Program Files\Acronis\TrueImageHome\fox.dll
MOD - [2006.11.01 11:48:18 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2006.06.11 22:50:50 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.05.25 15:43:04 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.07 08:52:39 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.06 15:28:51 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.02.28 09:36:01 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.11.25 05:13:10 | 000,567,256 | ---- | M] (Mister Group) [On_Demand | Stopped] -- C:\Program Files\System Explorer\service\SystemExplorerService.exe -- (SystemExplorerHelpService)
SRV - [2012.09.20 07:39:37 | 000,095,232 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files\PostgreSQL\9.0\bin\pg_ctl.exe -- (postgresql-9.0)
SRV - [2012.08.22 15:59:57 | 000,123,320 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
SRV - [2011.06.23 20:52:13 | 000,355,584 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2008.05.29 08:28:54 | 000,028,416 | ---- | M] (TuneUp Software GmbH) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2007.12.18 17:44:24 | 000,119,592 | ---- | M] (symantec) [On_Demand | Stopped] -- C:\Program Files\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2007.12.18 17:44:06 | 001,834,792 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2007.12.18 17:43:20 | 000,031,016 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2007.10.23 18:41:36 | 000,495,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007.10.23 15:10:38 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\UIUSys.sys -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | Auto | Stopped] -- -- (DefragFS)
DRV - [2013.02.28 09:36:37 | 000,765,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.02.28 09:36:37 | 000,368,248 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.02.28 09:36:37 | 000,163,784 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.02.28 09:36:37 | 000,062,448 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.02.28 09:36:36 | 000,066,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.02.28 09:36:36 | 000,049,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.02.28 09:36:36 | 000,049,320 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.02.28 09:36:35 | 000,029,880 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.01.21 21:30:41 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.10.30 23:51:56 | 000,020,624 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011.10.26 01:25:47 | 000,237,096 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2011.10.26 01:25:47 | 000,237,096 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (.neostsr2)
DRV - [2011.06.23 20:39:29 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011.06.23 20:39:29 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011.06.23 20:39:14 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011.06.23 20:38:53 | 000,368,736 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2010.02.04 05:21:49 | 000,108,032 | R--- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smhwser.sys -- (smhwser)
DRV - [2010.01.14 00:02:28 | 000,100,864 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smhwdev.sys -- (smhwdev)
DRV - [2009.12.30 09:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
DRV - [2008.05.02 05:15:44 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2007.04.24 10:33:44 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdm.sys -- (s125mdm)
DRV - [2007.04.24 10:33:42 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125mdfl.sys -- (s125mdfl)
DRV - [2007.04.24 10:33:34 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s125bus.sys -- (s125bus)
DRV - [2006.10.12 14:28:42 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcmwl5.sys -- (BCM43XX)
DRV - [2005.05.03 14:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005.05.03 14:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005.05.03 14:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004.11.15 14:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97)
DRV - [2003.10.23 16:04:00 | 000,076,160 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gticard.sys -- (GTICARD)
DRV - [2003.08.29 14:56:12 | 000,052,080 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2002.12.10 15:13:22 | 000,007,552 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tiumflt.sys -- (DevUpper)
DRV - [1997.12.23 01:00:00 | 000,023,936 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes\{23DD4E51-E044-416D-AF01-E5443F257730}: "URL" = http://websearch.ask.com/redirect?clien ... B154DDDA6F
IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.1.19
FF - prefs.js..extensions.enabledAddons: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009
FF - prefs.js..extensions.enabledAddons: fblayouts@hotlayouts2u.com:3.0.5
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:8.0.1482
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.07 13:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.06 18:55:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.06 18:55:41 | 000,000,000 | ---D | M]

[2011.06.23 13:11:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Katka\Data aplikací\Mozilla\Extensions
[2013.01.29 19:35:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Katka\Data aplikací\Mozilla\Firefox\Profiles\q0lnsexj.default\extensions
[2011.06.23 13:11:23 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Documents and Settings\Katka\Data aplikací\Mozilla\Firefox\Profiles\q0lnsexj.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.08.09 15:48:00 | 000,000,000 | ---D | M] ("Social Extras") -- C:\Documents and Settings\Katka\Data aplikací\Mozilla\Firefox\Profiles\q0lnsexj.default\extensions\fblayouts@hotlayouts2u.com
[2011.06.27 07:40:19 | 000,146,598 | ---- | M] () (No name found) -- C:\Documents and Settings\Katka\Data aplikací\Mozilla\Firefox\Profiles\q0lnsexj.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}.xpi
[2012.04.20 16:49:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.04.20 16:49:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011.06.23 13:10:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011.06.23 13:10:46 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KATKA\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\Q0LNSEXJ.DEFAULT\EXTENSIONS\{003D3EDC-99B9-4A34-9C20-60CB94F7E829}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KATKA\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\Q0LNSEXJ.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KATKA\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\Q0LNSEXJ.DEFAULT\EXTENSIONS\FBLAYOUTS@HOTLAYOUTS2U.COM
[2013.03.07 13:37:20 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011.06.28 06:10:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.16 05:30:16 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.01.01 09:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 09:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 09:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 09:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 09:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com

O1 HOSTS File: ([2013.01.29 21:26:55 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKU\S-1-5-21-3551075490-358186679-3239478339-1005..\Run: [RestoreDesktop] C:\Program Files\Restore Desktop\RestoreDesktop.exe (Kanex Group, Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3551075490-358186679-3239478339-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll ()
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 8833345290 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microso ... 8833632614 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{119BE713-3CB4-4437-A6E1-F06CCE6A442D}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (C:\WINDOWS\system32\NavLogon.dll) - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Katka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Katka\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{62ac3896-2e1f-11e1-bd32-000b7d0e8863}\Shell - "" = AutoRun
O33 - MountPoints2\{62ac3896-2e1f-11e1-bd32-000b7d0e8863}\Shell\AutoRun\command - "" = D:\PcOptions.exe
O33 - MountPoints2\{62ac389a-2e1f-11e1-bd32-000b7d0e8863}\Shell - "" = AutoRun
O33 - MountPoints2\{62ac389a-2e1f-11e1-bd32-000b7d0e8863}\Shell\AutoRun\command - "" = D:\PcOptions.exe
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.03.08 19:48:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Katka\Plocha\OTL.exe
[2013.03.07 18:38:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Google
[2013.03.07 18:32:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
[2013.03.07 18:22:13 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.03.07 13:37:48 | 000,066,408 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.03.07 11:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katka\Dokumenty\na web
[2013.03.07 08:43:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katka\Data aplikací\Apple Computer
[2013.03.06 15:30:55 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.06 15:30:07 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.03.06 15:30:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.06 15:30:06 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.06 10:29:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\QuickTime
[2013.03.06 10:28:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
[2013.03.06 10:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.03.06 10:25:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katka\Local Settings\Data aplikací\Apple
[2013.03.06 10:24:49 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2013.03.06 10:24:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Apple
[2013.03.06 10:24:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Katka\Local Settings\Data aplikací\Apple Computer
[2013.03.04 19:29:14 | 000,000,000 | ---D | C] -- C:\Poker

========== Files - Modified Within 7 Days ==========

[2013.03.08 20:18:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.03.08 20:11:36 | 000,171,008 | ---- | M] () -- C:\Documents and Settings\Katka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.08 20:11:27 | 000,053,677 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2013.03.08 20:00:52 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.03.08 19:48:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Katka\Plocha\OTL.exe
[2013.03.08 19:44:03 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.08 18:44:04 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.08 13:37:16 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.03.08 12:40:18 | 000,010,072 | ---- | M] () -- C:\Documents and Settings\Katka\Plocha\hijackthis 8.3.2013
[2013.03.08 08:29:00 | 000,957,791 | ---- | M] () -- C:\Documents and Settings\Katka\Dokumenty\Celestinské-proroctví.pdf
[2013.03.08 07:52:25 | 000,017,112 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.03.08 07:27:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.08 07:27:45 | 536,129,536 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.07 18:32:02 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.03.07 16:44:12 | 004,729,759 | ---- | M] () -- C:\Documents and Settings\Katka\Dokumenty\Manual_Excel_2007.pdf
[2013.03.07 13:37:46 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.03.07 08:52:28 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.07 08:52:21 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.06 17:15:29 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\Katka\Plocha\Registračky.odt
[2013.03.06 15:29:02 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.03.06 15:28:29 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.06 15:28:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.06 15:28:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.06 15:28:28 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.06 15:28:23 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.03.06 15:28:23 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.03.06 10:29:45 | 000,001,664 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2013.03.06 10:25:36 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.03.06 10:03:48 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.04 19:30:45 | 000,000,603 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Poker 770.lnk

========== Files Created - No Company Name ==========

[2013.03.08 20:00:52 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.03.08 12:40:18 | 000,010,072 | ---- | C] () -- C:\Documents and Settings\Katka\Plocha\hijackthis 8.3.2013
[2013.03.08 08:28:49 | 000,957,791 | ---- | C] () -- C:\Documents and Settings\Katka\Dokumenty\Celestinské-proroctví.pdf
[2013.03.07 18:32:00 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.03.07 18:23:12 | 000,000,938 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.03.07 18:23:09 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.03.07 16:44:09 | 004,729,759 | ---- | C] () -- C:\Documents and Settings\Katka\Dokumenty\Manual_Excel_2007.pdf
[2013.03.07 13:37:57 | 000,163,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.07 13:37:53 | 000,049,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.03.06 10:29:45 | 000,001,664 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\QuickTime Player.lnk
[2013.03.06 10:25:36 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.03.06 10:25:08 | 000,001,830 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Apple Software Update.lnk
[2013.03.04 19:30:46 | 000,000,609 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Poker 770.lnk
[2013.03.04 19:30:43 | 000,000,603 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Poker 770.lnk
[2013.02.12 14:25:41 | 000,005,023 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\flwjycbm.bab
[2012.12.25 12:37:33 | 000,002,375 | ---- | C] () -- C:\Documents and Settings\Katka\URPreferences.xml
[2012.10.06 08:35:38 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbkvs.dll
[2012.10.06 08:35:36 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\LXBKIH.EXE
[2012.10.06 08:35:36 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\LXBKLCNP.DLL
[2012.10.06 08:35:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\INSTMON.EXE
[2012.10.06 08:34:42 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\lxbkcoin.ini
[2012.09.15 17:39:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.09.09 18:37:31 | 000,080,090 | ---- | C] () -- C:\Documents and Settings\Katka\Data aplikací\SMBIOSSP.exe
[2012.04.20 16:25:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2012.02.17 18:06:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.17 19:35:44 | 000,002,292 | ---- | C] () -- C:\Documents and Settings\Katka\Data aplikací\ASSDraw3.cfg
[2011.07.27 21:02:33 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ReminderNextRun
[2011.06.30 06:30:10 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2011.06.29 14:57:55 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.06.29 12:39:42 | 000,171,008 | ---- | C] () -- C:\Documents and Settings\Katka\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.27 07:38:34 | 000,002,686 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2011.06.23 21:18:57 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.06.23 21:18:47 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.06.23 20:06:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportUSB.dll
[2011.06.23 20:06:30 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\TransportSerial.dll
[2011.06.23 19:42:11 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.06.23 13:11:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.04.20 15:17:56 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.04.20 15:16:32 | 000,307,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.04.20 13:59:51 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2011.04.20 13:57:24 | 000,053,677 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011.04.20 13:55:41 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2011.04.20 13:55:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2011.04.20 13:55:39 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2011.04.20 13:33:21 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.04.20 13:26:19 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2011.06.23 20:21:49 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2011.04.25 15:47:31 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.06.23 20:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2012.09.01 09:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.01.21 21:30:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.04.20 16:29:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DriverGenius
[2011.06.27 07:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2012.10.05 16:49:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MetaQuotes
[2012.08.23 18:59:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2013.02.04 17:32:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SystemExplorer
[2011.06.23 20:52:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2012.08.26 19:40:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\LangSoft
[2012.11.26 01:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Guest\Data aplikací\MusicIP
[2011.06.23 20:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\ACD Systems
[2011.06.23 20:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\ACDInTouch
[2013.01.20 10:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Acronis
[2011.09.11 08:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Aegisub
[2011.09.02 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\ESET
[2011.06.23 20:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\GlarySoft
[2013.02.27 17:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\join.me
[2011.06.27 07:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\LangSoft
[2011.06.23 19:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\MusicIP
[2013.01.12 11:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Party
[2011.07.28 01:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\PhotoFiltre
[2011.08.22 17:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\PhotoScape
[2011.09.29 14:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Sony
[2012.12.28 23:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\TeamViewer
[2011.06.23 20:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\TuneUp Software
[2011.06.23 20:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Acronis
[2013.02.14 21:57:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\postgres\Data aplikací\Acronis

========== Purity Check ==========



========== Custom Scans ==========

< >
[2011.04.20 13:27:21 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2011.04.20 13:34:41 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.02.17 12:59:59 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.02.17 13:19:12 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.03.06 10:25:36 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013.03.07 18:23:09 | 000,000,934 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.07 18:23:12 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 07:52:12 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.13 23:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\NiwradSoft Shell Pack\Backup\explorer.exe
[2008.04.14 07:52:24 | 001,541,120 | ---- | M] (Microsoft Corporation) MD5=D63C59BB0CA2F83B62D003FD52863090 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,541,120 | ---- | M] (Microsoft Corporation) MD5=D63C59BB0CA2F83B62D003FD52863090 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:28 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=C4BA879B581BE34536FE01F79AC28631 -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 07:52:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 23:50:18 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,547,328 | ---- | M] (Microsoft Corporation) MD5=471341D353962A35DA3C6324D59D09C4 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,547,328 | ---- | M] (Microsoft Corporation) MD5=471341D353962A35DA3C6324D59D09C4 -- C:\WINDOWS\system32\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\NiwradSoft Shell Pack\Backup\winlogon.exe

< >

< %systemroot%*.* /U /s >
[38 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[15 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\avast_ash\Java Runtime Environment 6 (32 Bit)\*.tmp files -> C:\WINDOWS\Temp\avast_ash\Java Runtime Environment 6 (32 Bit)\*.tmp -> ]
[1 C:\WINDOWS\Temp\avast_ash\Mozilla Firefox\*.tmp files -> C:\WINDOWS\Temp\avast_ash\Mozilla Firefox\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.06.23 20:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\ACD Systems
[2011.06.23 20:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\ACDInTouch
[2013.01.20 10:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Acronis
[2012.12.30 21:15:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Adobe
[2011.06.27 20:34:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\AdobeUM
[2011.09.11 08:37:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Aegisub
[2013.03.07 08:43:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Apple Computer
[2011.06.23 19:52:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\CyberLink
[2011.09.02 20:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\ESET
[2011.06.23 20:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\GlarySoft
[2011.06.23 19:55:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\GRETECH
[2012.02.19 22:49:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Help
[2011.04.20 13:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Identities
[2013.02.27 17:13:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\join.me
[2011.06.27 07:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\LangSoft
[2011.06.27 09:11:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Macromedia
[2013.01.26 12:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Malwarebytes
[2013.03.06 11:29:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Media Player Classic
[2013.03.07 14:06:57 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Katka\Data aplikací\Microsoft
[2011.06.23 13:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Mozilla
[2013.01.12 11:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Mozilla-Cache
[2011.06.23 19:28:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\MusicIP
[2013.01.12 11:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Party
[2011.07.28 01:20:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\PhotoFiltre
[2011.08.22 17:55:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\PhotoScape
[2012.01.25 15:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Skype
[2012.01.25 15:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\skypePM
[2011.09.29 14:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Sony
[2011.09.02 20:46:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\Sun
[2012.12.28 23:43:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\TeamViewer
[2011.06.23 20:52:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Katka\Data aplikací\TuneUp Software

< %APPDATA%\*.exe /s >
[2012.09.09 18:37:31 | 000,080,090 | ---- | M] () -- C:\Documents and Settings\Katka\Data aplikací\SMBIOSSP.exe
[2012.12.26 14:28:38 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Katka\Data aplikací\Microsoft\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_6FEFF9B68218417F98F549.exe
[2012.12.26 14:28:39 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Katka\Data aplikací\Microsoft\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_B06349111D5E7CEE2A3C50.exe
[2012.12.26 14:28:39 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Katka\Data aplikací\Microsoft\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_BBE843A4210D005E08B21E.exe
[2012.12.26 14:28:39 | 000,009,158 | R--- | M] () -- C:\Documents and Settings\Katka\Data aplikací\Microsoft\Installer\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}\_ECF5B0A15121D905E30873.exe
[2013.03.06 10:37:50 | 000,896,928 | ---- | M] (Oracle Corporation) -- C:\Documents and Settings\Katka\Data aplikací\Sun\Java\JRERunOnce.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.03.08 20:18:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.03.06 10:25:36 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013.03.08 13:37:16 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.03.08 18:44:04 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.03.08 20:44:21 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.04.20 15:15:35 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.04.20 15:15:35 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.04.20 15:15:35 | 000,483,328 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.03.07 13:37:46 | 000,002,504 | ---- | M] () -- C:\WINDOWS\system32\CONFIG.NT
[2013.03.06 15:28:23 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\deployJava1.dll
[2013.03.07 08:52:28 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerApp.exe
[2013.03.07 08:52:21 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
[2013.03.06 15:28:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\java.exe
[2013.03.06 15:28:28 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javacpl.cpl
[2013.03.06 15:28:29 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaw.exe
[2013.03.06 15:28:29 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\javaws.exe
[2013.03.06 15:28:23 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\npDeployJava1.dll
[2013.03.08 07:52:25 | 000,017,112 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2013.03.08 20:29:07 | 000,053,677 | ---- | M] () -- C:\WINDOWS\system32\nvModes.001
[2013.03.06 15:29:02 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\WindowsAccessBridge.dll
[2013.03.06 10:03:48 | 000,012,598 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RestoreDesktop" = C:\Program Files\Restore Desktop\RestoreDesktop.exe -- [2003.03.11 09:52:16 | 000,045,056 | ---- | M] (Kanex Group, Inc.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,040,448 | ---- | M] (Microsoft Corporation)
"swg" = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -- [2013.03.07 18:40:54 | 000,039,408 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.06.16 05:30:16 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=6C9CD3ECBA6732661C8BBE37A877A2BD -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 13:09:26 | 000,510,816 | ---- | M] (Microsoft Corporation) MD5=F68C1BAC147227B86FFB36828FF8BEDF -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2013.03.01 00:08:21 | 001,274,832 | ---- | M] (Google Inc.) MD5=1502417B401F5206ADE73995571AE8CB -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.03.08 20:00:52 | 000,000,512 | ---- | M] () MD5=0F6CF96B7DE30F731A8178FA08FA4A3A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.03.04 19:53:11 | 000,213,474 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\animations\bonus_crack\crack_intro.swf
[2013.03.04 20:46:37 | 000,028,809 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\bonus\win_msg\bonus_crackpink_txt.png
[2013.03.04 20:47:06 | 000,002,094 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_mouse_over.mp3
[2013.03.04 20:47:06 | 000,025,082 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_2.mp3
[2013.03.04 20:47:07 | 000,122,884 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_open_door_bomb.mp3
[2013.03.04 20:47:07 | 000,109,927 | ---- | M] () -- \Poker\Poker 770\data\slots_pinkpanther40line\sounds\bonus\crack_the_pink_bonus\crack_pending_eff.mp3
[2001.06.10 18:40:18 | 000,027,648 | ---- | M] () -- \Program Files\ACD Systems\ACDSee\patch (crack).exe
[2013.01.12 12:03:43 | 000,001,247 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\games\cardgames\blackjack\bjbar_safecrackerkeno_icon.jpg

< *keygen* /s >

< *loader* /s >
[2011.06.27 09:06:45 | 000,000,809 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Seven Remix XP\Tools\Reloader.lnk
[2011.10.02 11:22:56 | 000,001,765 | ---- | M] () -- \Documents and Settings\Katka\Dokumenty\Nepoužívané odkazy plochy\MP3 Downloader.lnk
[2012.11.01 19:37:53 | 000,373,448 | ---- | M] () -- \Documents and Settings\Katka\Dokumenty\Stažené soubory\SoftonicDownloader_for_microsoft-net-framework.exe
[1 \Documents and Settings\Katka\Dokumenty\Stažené soubory\*.tmp files -> \Documents and Settings\Katka\Dokumenty\Stažené soubory\*.tmp -> ]
[2013.02.17 13:18:12 | 000,001,174 | ---- | M] () -- \Documents and Settings\Katka\Local Settings\Temporary Internet Files\Content.IE5\AFX292HT\downloader[1].js
[2013.03.04 19:37:32 | 000,041,661 | ---- | M] () -- \Documents and Settings\Katka\Local Settings\Temporary Internet Files\Content.IE5\AFX292HT\HlStyleLoader[1].css
[2013.02.17 13:18:06 | 000,003,784 | ---- | M] () -- \Documents and Settings\Katka\Local Settings\Temporary Internet Files\Content.IE5\NHQGE3XU\bundleloader[1].js
[1 \Documents and Settings\Katka\Local Settings\Temporary Internet Files\Content.IE5\NHQGE3XU\*.tmp files -> \Documents and Settings\Katka\Local Settings\Temporary Internet Files\Content.IE5\NHQGE3XU\*.tmp -> ]
[2013.02.17 13:18:12 | 000,000,723 | ---- | M] () -- \Documents and Settings\Katka\Local Settings\Temporary Internet Files\Content.IE5\TY7JM0QR\downloaderror[1].js
[2013.03.04 19:30:08 | 000,610,176 | ---- | M] () -- \Poker\Poker 770\data\loader.dll
[2013.03.04 19:29:24 | 000,002,707 | ---- | M] () -- \Poker\Poker 770\data\loader.gam
[2013.03.04 19:35:07 | 000,005,265 | ---- | M] () -- \Poker\Poker 770\data\mgames\[en]\as2\movies\shared\loader.swf
[2013.03.04 19:29:26 | 000,002,608 | ---- | M] () -- \Poker\Poker 770\widgetbar\widgets\themecloud\resources\html\img\ajax-loader.gif
[2004.02.03 09:27:56 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2012.10.11 21:56:32 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader.tlb
[2006.10.26 13:45:02 | 000,061,440 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.dll
[2006.10.26 13:45:02 | 000,004,608 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7Debug\coloader80.tlb
[2012.11.05 19:35:14 | 000,048,315 | ---- | M] () -- \Program Files\Full Tilt Poker\Graphics\Cashier\WebDialog\cashier_loader.mng
[2012.11.05 19:35:14 | 000,015,895 | ---- | M] () -- \Program Files\Full Tilt Poker\Graphics\Lobby\Backgrounds\LoaderChip.gif
[2012.11.23 16:44:32 | 000,002,713 | ---- | M] () -- \Program Files\PartyGaming\components\uriloader.xpt
[2013.01.12 12:08:39 | 000,002,688 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\fcgames\cardgames\blackjack\multihandbj\Loader.swf
[2013.01.12 12:10:23 | 000,002,688 | ---- | M] () -- \Program Files\PartyGaming\PartyCasino\language\en_US\images\fcgames\roulette\Loader.swf
[2012.11.26 13:10:22 | 000,000,857 | ---- | M] () -- \Program Files\PartyGaming\PartyPoker\preloader.html
[2012.11.26 13:15:12 | 000,003,948 | ---- | M] () -- \Program Files\PartyGaming\PartyPoker\Images\loader.gif
[2012.11.26 13:15:04 | 000,002,086 | ---- | M] () -- \Program Files\PartyGaming\PartyPoker\Images\rounded_loader.gif
[2012.11.23 16:53:46 | 000,025,096 | ---- | M] () -- \Program Files\PartyGaming\PartyPoker\Uninstall\Preloader.jpg
[2013.01.12 11:47:15 | 000,007,277 | ---- | M] () -- \Program Files\PartyGaming\SmartUpgrader\Preloader.jpg
[2013.01.12 11:47:17 | 000,004,416 | ---- | M] () -- \Program Files\PartyGaming\SmartUpgrader\PreloaderIEImage.JPG
[2012.09.20 07:50:48 | 000,015,573 | ---- | M] () -- \Program Files\PostgreSQL\9.0\doc\pljava\pljava\org\postgresql\pljava\sqlj\Loader.html
[2012.09.20 07:29:26 | 000,000,708 | ---- | M] () -- \Program Files\PostgreSQL\9.0\include\server\utils\dynamic_loader.h
[2005.06.07 11:25:46 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.11.16 18:12:11 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2010.01.22 11:23:10 | 000,325,127 | ---- | M] () -- \WINDOWS\NiwradSoft Shell Pack\Tools\Reloader.exe
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< End of report >

Re: Re: log check --vyosek

Posted: 09 Mar 2013 22:51
by vyosek
Run OTL again
  • If you are using Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce on Czech Windows)
  • Paste the script below into the lower box, Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\UIUSys.sys -- (UIUSys)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [File_System | Auto | Stopped] -- -- (DefragFS)
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes\{23DD4E51-E044-416D-AF01-E5443F257730}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=17B3D5AB-AFF3-4DF0-8761-B490DAF46FC3&apn_sauid=8A2E87B0-C898-435B-B17F-6AB154DDDA6F
    IE - HKU\S-1-5-21-3551075490-358186679-3239478339-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KATKA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\Q0LNSEXJ.DEFAULT\EXTENSIONS\{003D3EDC-99B9-4A34-9C20-60CB94F7E829}.XPI
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KATKA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\Q0LNSEXJ.DEFAULT\EXTENSIONS\{EA614400-E918-4741-9A97-7A972FF7C30B}
    File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\KATKA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\Q0LNSEXJ.DEFAULT\EXTENSIONS\FBLAYOUTS@HOTLAYOUTS2U.COM
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
    O33 - MountPoints2\{62ac3896-2e1f-11e1-bd32-000b7d0e8863}\Shell - "" = AutoRun
    O33 - MountPoints2\{62ac389a-2e1f-11e1-bd32-000b7d0e8863}\Shell - "" = AutoRun
    [38 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [15 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
    [2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
    [1 C:\WINDOWS\Temp\avast_ash\Java Runtime Environment 6 (32 Bit)\*.tmp files -> C:\WINDOWS\Temp\avast_ash\Java Runtime Environment 6 (32 Bit)\*.tmp -> ]
    [1 C:\WINDOWS\Temp\avast_ash\Mozilla Firefox\*.tmp files -> C:\WINDOWS\Temp\avast_ash\Mozilla Firefox\*.tmp -> ]
    [2013.03.08 20:18:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    [2013.03.06 10:25:36 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    [2013.03.08 13:37:16 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
    [2013.03.08 18:44:04 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    [2013.03.08 20:44:21 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Run Fix (Opravit)
  • The PC will perform the fix, restart, and give you a log; paste its contents here

Re: Re: log check --vyosek

Posted: 10 Mar 2013 11:46
by rasty
All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service UIUSys stopped successfully!
Service UIUSys deleted successfully!
File system32\drivers\UIUSys.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Service DefragFS stopped successfully!
Service DefragFS deleted successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-3551075490-358186679-3239478339-1005\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-3551075490-358186679-3239478339-1005\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3551075490-358186679-3239478339-1005\Software\Microsoft\Internet Explorer\SearchScopes\{23DD4E51-E044-416D-AF01-E5443F257730}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23DD4E51-E044-416D-AF01-E5443F257730}\ not found.
Registry key HKEY_USERS\S-1-5-21-3551075490-358186679-3239478339-1005\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62ac3896-2e1f-11e1-bd32-000b7d0e8863}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62ac3896-2e1f-11e1-bd32-000b7d0e8863}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{62ac389a-2e1f-11e1-bd32-000b7d0e8863}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62ac389a-2e1f-11e1-bd32-000b7d0e8863}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1063.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1150.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1271.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP128A.tmp\System.Data.SqlXml.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP128A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP13.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1344.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP138C.tmp\WindowsBase.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP138C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1505.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP15A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1619.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP238.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24E.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp\WsatConfig.exe deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP275.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP41.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP46.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4F4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP57.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5AA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8C5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP98.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF55.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI12F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1A.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1D6.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI23.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2BE.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2C2.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2C7.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2D1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2F5.tmp deleted successfully.
C:\WINDOWS\Installer\MSI40F.tmp deleted successfully.
C:\WINDOWS\Installer\MSI429.tmp deleted successfully.
C:\WINDOWS\Installer\MSI758.tmp deleted successfully.
C:\WINDOWS\Installer\MSI7B4.tmp deleted successfully.
C:\WINDOWS\Installer\MSID.tmp deleted successfully.
C:\WINDOWS\Temp\gui14.tmp deleted successfully.
C:\WINDOWS\Temp\Hx295.tmp deleted successfully.
C:\WINDOWS\Temp\avast_ash\Java Runtime Environment 6 (32 Bit)\BIT2.tmp deleted successfully.
C:\WINDOWS\Temp\avast_ash\Mozilla Firefox\BIT1.tmp deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Guest
->Temp folder emptied: 8321 bytes
->Temporary Internet Files folder emptied: 37571 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 387075443 bytes
->Flash cache emptied: 17977 bytes

User: Katka
->Temp folder emptied: 45334165 bytes
->Temporary Internet Files folder emptied: 15392727 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 140873294 bytes
->Google Chrome cache emptied: 15798219 bytes
->Flash cache emptied: 19718 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21554 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 72063002 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 1470250042 bytes

Total Files Cleaned = 2 048,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Katka
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: postgres

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: Guest
->Java cache emptied: 0 bytes

User: Katka
->Java cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: postgres

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03102013_112602

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...