VIRY.CZ

Dobrý večer,prosím o kontrolu logu,pc je děsně pomalé
procesor jede porád na 100%,proces svchost.exe bere
cca 70% výkonu procesoru děkuji

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:05:27, on 15.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21357)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\windows\system32\spoolsv.exe
C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\windows\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\windows\system32\svchost.exe
C:\Program Files\Creative\Software Update 3\SoftAuto.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\Pavel Schich\Plocha\RSIT.exe
E:\InstallPack\Pavel .exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://verysafesearch.com/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://verysafesearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://verysafesearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://verysafesearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://verysafesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://verysafesearch.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://verysafesearch.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: (no name) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - (no file)
O3 - Toolbar: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - (no file)
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_S148.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7102634812
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\windows\SYSTEM32\avgrsstx.dll
O23 - Service: Active@ Disk Monitor - LSoft Technologies Inc - C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 10600 bytes

======Scheduled tasks folder======

C:\windows\tasks\avast! Emergency Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-23 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-11-23 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2005-08-06 61440]
"CTCheck"=C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-11-06 397312]
"SoundMan"=C:\windows\SOUNDMAN.EXE [2010-02-22 81920]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-05-30 585728]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-07-11 74752]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-11-23 3568312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
"EPSON Stylus SX200 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]
"SoftAuto.exe"=C:\Program Files\Creative\Software Update 3\SoftAuto.exe [2008-08-13 405504]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Hlavní panel ATI CATALYST.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\windows\system32\Ati2evxx.dll [2006-02-21 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\windows\system32\avgrsstx.dll [2010-06-22 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\V-Gear BEE\VBService.exe"="C:\Program Files\V-Gear BEE\VBService.exe:*:Enabled:V-Gear Bee Service"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Pavel Schich\Plocha\winbox.exe"="C:\Documents and Settings\Pavel Schich\Plocha\winbox.exe:*:Enabled:winbox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2013-12-11 18:28:18 ----D---- C:\rsit
2013-11-24 09:30:49 ----D---- C:\Program Files\Mozilla Firefox
2013-11-23 18:34:38 ----D---- C:\Documents and Settings\Pavel Schich\Data aplikací\AVAST Software
2013-11-23 18:33:32 ----A---- C:\windows\system32\aswBoot.exe
2013-11-23 18:32:58 ----D---- C:\Program Files\AVAST Software
2013-11-23 18:31:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-11-21 08:31:34 ----D---- C:\Program Files\Defraggler
2013-11-18 18:21:51 ----HDC---- C:\windows\$NtUninstallKB2868626$
2013-11-18 18:21:42 ----HDC---- C:\windows\$NtUninstallKB2900986$
2013-11-18 18:21:32 ----HDC---- C:\windows\$NtUninstallKB2862152$
2013-11-18 18:20:41 ----HDC---- C:\windows\$NtUninstallKB2876331$
2013-11-16 16:57:15 ----D---- C:\Documents and Settings\Pavel Schich\Data aplikací\Malwarebytes
2013-11-16 16:57:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-11-15 17:00:24 ----D---- C:\windows\ERUNT
2013-11-15 16:41:40 ----D---- C:\Program Files\HD Tune

======List of files/folders modified in the last 1 months======

2013-12-11 18:28:04 ----D---- C:\windows\Prefetch
2013-12-11 18:22:30 ----D---- C:\windows\Temp
2013-12-11 17:36:53 ----D---- C:\WINDOWS
2013-12-11 17:36:43 ----A---- C:\windows\SchedLgU.Txt
2013-12-11 11:27:42 ----D---- C:\Documents and Settings\Pavel Schich\Data aplikací\Winamp
2013-12-11 11:09:27 ----D---- C:\Documents and Settings\Pavel Schich\Data aplikací\vlc
2013-12-11 10:08:03 ----A---- C:\windows\NeroDigital.ini
2013-12-03 16:27:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2013-11-25 06:06:20 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-11-24 14:37:12 ----RD---- C:\Program Files
2013-11-24 11:01:24 ----D---- C:\Program Files\Smarty Uninstaller Pro
2013-11-24 11:01:21 ----D---- C:\windows\system32
2013-11-23 19:00:57 ----A---- C:\windows\wincmd.ini
2013-11-23 18:53:04 ----AC---- C:\windows\system32\PerfStringBackup.INI
2013-11-23 18:42:31 ----SD---- C:\windows\Tasks
2013-11-23 18:33:34 ----D---- C:\windows\system32\drivers
2013-11-23 18:33:32 ----D---- C:\windows\WinSxS
2013-11-21 15:29:53 ----SHD---- C:\System Volume Information
2013-11-21 15:29:53 ----D---- C:\windows\system32\Restore
2013-11-21 08:25:27 ----D---- C:\windows\Debug
2013-11-18 18:21:54 ----HD---- C:\windows\inf
2013-11-18 18:21:53 ----RSHDC---- C:\windows\system32\dllcache
2013-11-18 18:21:21 ----D---- C:\Program Files\Internet Explorer
2013-11-18 18:21:14 ----D---- C:\windows\system32\cs-cz
2013-11-18 18:21:09 ----D---- C:\windows\system32\CatRoot2
2013-11-17 14:58:56 ----SHD---- C:\windows\Installer
2013-11-16 10:14:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-11-15 16:56:13 ----SHD---- C:\Config.Msi
2013-11-15 16:55:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-11-15 15:45:41 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\windows\system32\drivers\aswTdi.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-02 218688]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\windows\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 VIAPFD;VIAPFD; C:\windows\System32\Drivers\VIAPFD.SYS [2001-12-18 3279]
R2 aswFsBlk;aswFsBlk; \??\C:\windows\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []
R2 irda;Protokol IrDA; C:\windows\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 aeaudio;aeaudio; C:\windows\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 ARCSOFTVIRTUALCAPTURE;ArcSoft Magic-i Driver; C:\windows\system32\DRIVERS\ArcSoftVirtualCapture.sys [2006-11-24 14336]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\windows\system32\DRIVERS\ati2mtag.sys [2006-02-21 1505792]
R3 atinrvxx;ATI WDM Rage Theater Video; C:\windows\system32\DRIVERS\atinrvxx.sys [2004-08-03 105984]
R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\windows\system32\DRIVERS\EL2K_XP.sys [2003-07-17 147328]
R3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\windows\system32\DRIVERS\atinmdxx.sys [2004-08-03 13824]
R3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 Rasirda;WAN Miniport (IrDA); C:\windows\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 smwdm;smwdm; C:\windows\system32\drivers\smwdm.sys [2003-06-02 578304]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\windows\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 AmdK8;AMD Processor Driver; C:\windows\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
S3 a6ygfzld;a6ygfzld; C:\windows\system32\drivers\a6ygfzld.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\windows\system32\drivers\ALCXWDM.SYS [2005-07-26 3644032]
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 es1371;Creative AudioPCI (ES1371,ES1373) (WDM); C:\windows\system32\drivers\es1371mp.sys [2001-08-17 40704]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 irsir;Microsoft Serial Infrared Driver; C:\windows\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\windows\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\windows\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\windows\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\windows\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\windows\system32\DRIVERS\k750obex.sys []
S3 MidiSyn;MidiSyn; C:\windows\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\windows\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\windows\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\windows\system32\DRIVERS\R8139n51.SYS [2002-03-26 45568]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\windows\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\windows\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WpdUsb;WpdUsb; C:\windows\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Active@ Disk Monitor;Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [2011-06-16 1465016]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\windows\system32\Ati2evxx.exe [2006-02-21 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-23 50344]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Irmon;Sledování infračerveného přenosu; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 MgiSvr;MgiSvr; C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe [2006-11-12 76544]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-04-19 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-24 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Pavel on źt 12.12.2013 at 6:14:35.18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 12.12.2013 at 8:24:03.48
End of JRT log
---------------------------------------------------------------------------------------------------------

AdwCleaner v3.015 - Report created 12/12/2013 at 09:09:26
# Updated 10/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Pavel - ATHLON
# Running from : C:\Documents and Settings\Pavel \Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21359


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\Pavel \Data aplikací\Mozilla\Firefox\Profiles\ytsn61zs.default-1385826042078\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Pavel \Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1321 octets] - [12/12/2013 08:35:56]
AdwCleaner[S1].txt - [1248 octets] - [12/12/2013 09:09:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1308 octets] ##########

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Jak dlouho trvá ten otl scan,už to běží přes hodinu,je to v pořádku?

Pokud bezi a nezaskne se na vic jak 15 minut, tak jej nechte...Ono hodne zalezi na rychlosti PC, disku a predevsim kolika soubory se musi probrat...

OTL Extras logfile created on: 12.12.2013 12:28:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pavel \Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1.50 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 55.93% Memory free
3.35 Gb Paging File | 2.80 Gb Available in Paging File | 83.47% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 27.53 Gb Free Space | 56.38% Space Free | Partition Type: NTFS
Drive D: | 166.02 Gb Total Space | 30.34 Gb Free Space | 18.27% Space Free | Partition Type: NTFS
Drive E: | 18.03 Gb Total Space | 11.85 Gb Free Space | 65.69% Space Free | Partition Type: NTFS
Drive H: | 149.04 Gb Total Space | 65.74 Gb Free Space | 44.11% Space Free | Partition Type: NTFS

Computer Name: ATHLON | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"C:\Program Files\V-Gear BEE\VBService.exe" = C:\Program Files\V-Gear BEE\VBService.exe:*:Enabled:V-Gear Bee Service -- (Asiamajor Inc.)
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Disabled:EA Download Manager
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\Pavel \Plocha\winbox.exe" = C:\Documents and Settings\Pavel \Plocha\winbox.exe:*:Enabled:winbox


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{1C42D474-BDBD-4200-829D-28246879365D}" = Active@ Hard Disk Monitor
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1" = HellSpy Klient verze 0.8.0
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D23B94EF-3D81-4EC7-B826-EF3D07F8C7AF}_is1" = HellShare Upload Manager verze 2.0.0
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ATI Display Driver" = ATI Display Driver
"Avast" = avast! Free Antivirus
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HD Tune_is1" = HD Tune 2.50
"HijackThis" = HijackThis 2.0.2
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Registrace uživatele zařízení Canon MG5100 series" = Registrace uživatele zařízení Canon MG5100 series
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player 2.1.1
"Winamp" = Winamp
"WinZip" = WinZip

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SpeedMeter" = SpeedMeter
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.12.2013 1:50:26 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6683.5002, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.12.2013 1:54:15 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6683.5002, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.12.2013 1:55:24 | Computer Name = ATHLON | Source = Microsoft Office 12 | ID = 5000
Description = EventType officelifeboathang, P1 winword.exe, P2 12.0.6683.5002, P3
ntdll.dll, P4 5.1.2600.6055, P5 NIL, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.

Error - 11.12.2013 12:46:24 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 25.0.1.5064, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.12.2013 4:24:24 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 7.0.6000.21359, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.12.2013 4:24:31 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace rundll32.exe, verze 5.1.2600.5512, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.12.2013 4:52:18 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iexplore.exe, verze 7.0.6000.21359, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.12.2013 5:12:10 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Defraggler.exe, verze 2.16.0.809, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.12.2013 5:12:14 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace Defraggler.exe, verze 2.16.0.809, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.12.2013 8:07:01 | Computer Name = ATHLON | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 12.0.6683.5002, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba Ati HotKey Poller byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba Creative Service for CDROM Access byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba Canon Inkjet Printer/Scanner/Fax Extended Survey Program byla
neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba MgiSvr byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba SoundMAX Agent Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7031
Description = Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba Active@ Disk Monitor byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba CT Device Query service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 12.12.2013 4:09:27 | Computer Name = ATHLON | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >

OTL logfile created on: 12.12.2013 12:28:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pavel \Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1.50 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 55.93% Memory free
3.35 Gb Paging File | 2.80 Gb Available in Paging File | 83.47% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 48.83 Gb Total Space | 27.53 Gb Free Space | 56.38% Space Free | Partition Type: NTFS
Drive D: | 166.02 Gb Total Space | 30.34 Gb Free Space | 18.27% Space Free | Partition Type: NTFS
Drive E: | 18.03 Gb Total Space | 11.85 Gb Free Space | 65.69% Space Free | Partition Type: NTFS
Drive H: | 149.04 Gb Total Space | 65.74 Gb Free Space | 44.11% Space Free | Partition Type: NTFS

Computer Name: ATHLON | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.12.12 12:24:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel \Plocha\OTL.exe
PRC - [2013.12.11 19:58:23 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.11.23 18:42:15 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.11.23 18:42:15 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.07.11 22:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2011.06.16 11:41:08 | 001,465,016 | ---- | M] (LSoft Technologies Inc) -- C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 02:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.02.22 06:42:04 | 000,081,920 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2008.08.13 04:49:30 | 000,405,504 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Software Update 3\SoftAuto.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.06 11:08:10 | 000,397,312 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
PRC - [2007.07.17 11:03:38 | 000,868,352 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
PRC - [2007.04.02 07:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe
PRC - [2006.11.12 22:02:08 | 000,076,544 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
PRC - [2005.08.06 01:07:30 | 000,061,440 | ---- | M] (ATI Technologies Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
PRC - [2003.05.29 16:28:32 | 000,790,528 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2013.12.11 21:06:21 | 002,152,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13121101\algo.dll
MOD - [2013.12.11 19:58:16 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.11.23 18:33:29 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.07.11 05:10:54 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_c63b14fd\mscorlib.dll
MOD - [2013.07.11 05:10:39 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_fc833cde\system.drawing.dll
MOD - [2013.07.11 05:10:15 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_0ead257b\system.xml.dll
MOD - [2013.07.10 20:36:56 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_92cfefb6\system.windows.forms.dll
MOD - [2013.07.10 20:36:40 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_c7e7f0bb\system.dll
MOD - [2013.07.10 20:36:26 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013.07.10 20:36:25 | 001,269,760 | ---- | M] () -- c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll
MOD - [2013.07.10 20:36:24 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013.07.10 20:36:21 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
MOD - [2009.03.15 11:28:33 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.15 11:28:32 | 000,180,224 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms.resources\1.0.5000.0_cs_b77a5c561934e089\system.windows.forms.resources.dll
MOD - [2009.03.03 22:21:42 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009.03.03 22:21:41 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009.03.03 22:21:41 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2008.07.09 09:05:50 | 000,421,888 | ---- | M] () -- C:\WINDOWS\system32\ac3filter.acm
MOD - [2008.04.14 04:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.07.17 11:03:38 | 000,868,352 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
MOD - [2007.02.07 16:51:20 | 000,188,416 | ---- | M] () -- C:\Program Files\Creative\Sync Manager Unicode\CTSyncRs.crl
MOD - [2006.09.14 16:29:48 | 000,315,392 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2006.09.13 23:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005.04.19 19:02:58 | 000,069,632 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.12.11 19:58:19 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.23 18:42:15 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.10.11 19:44:02 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.19 14:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.16 11:41:08 | 001,465,016 | ---- | M] (LSoft Technologies Inc) [Auto | Running] -- C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe -- (Active@ Disk Monitor)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008.05.21 12:42:56 | 000,064,000 | ---- | M] (Creative Technology Ltd) [On_Demand | Stopped] -- C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe -- (CTUPnPSv)
SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.04.02 07:15:40 | 000,061,440 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTDevSrv.exe -- (CTDevice_Srv)
SRV - [2006.11.12 22:02:08 | 000,076,544 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe -- (MgiSvr)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdm.sys -- (k750mdm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ab9a8j7e)
DRV - [2013.11.23 18:42:22 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.11.23 18:42:22 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.11.23 18:42:21 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.11.23 18:42:21 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.11.23 18:42:21 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.11.23 18:42:21 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.11.23 18:33:30 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.11.23 18:33:29 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2011.03.02 21:53:53 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2009.07.15 08:08:24 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.15 17:06:34 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.09.17 14:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.03 15:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007.07.03 15:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007.07.03 15:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2006.11.24 01:53:52 | 000,014,336 | ---- | M] (ArcSoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftVirtualCapture.sys -- (ARCSOFTVIRTUALCAPTURE)
DRV - [2006.02.21 20:46:26 | 001,505,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.07.26 10:03:22 | 003,644,032 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2005.03.09 07:53:00 | 000,036,352 | R--- | M] (Advanced Micro Devices) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.09.03 18:23:10 | 000,115,680 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.09.03 18:19:07 | 000,054,368 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.08.03 14:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC)
DRV - [2004.08.03 14:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx)
DRV - [2004.07.19 15:49:54 | 000,007,040 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\prosync1.sys -- (prosync1)
DRV - [2004.06.03 03:40:46 | 000,079,360 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2004.05.17 07:00:54 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.05.17 07:00:52 | 000,033,280 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2003.12.01 16:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.10.29 06:02:00 | 000,021,120 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003.07.17 10:22:10 | 000,147,328 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EL2K_XP.sys -- (EL2000)
DRV - [2002.09.20 10:53:34 | 000,235,100 | ---- | M] (Analog Devices Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MidiSyn.sys -- (MidiSyn)
DRV - [2002.03.26 09:34:22 | 000,045,568 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2001.12.18 14:45:04 | 000,003,279 | ---- | M] (VIA Technologies. Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\VIAPFD.SYS -- (VIAPFD)
DRV - [2001.08.17 22:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2001.08.17 20:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://verysafesearch.com/
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://verysafesearch.com/
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes\{6BF216FB-CE88-4F80-8ED6-476D5BA7A16E}: "URL" = http://www.google.cz/search?q={searchTe ... {startPage}
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes\search13: "URL" = http://verysafesearch.com/search.php?q={searchTerms}
IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Pavel Schich\Data aplikací\Facebook\npfbplugin_1_0_3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.11.23 18:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.12.11 19:57:24 | 000,000,000 | ---D | M]

[2009.03.15 08:56:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel \Data aplikací\Mozilla\Extensions
[2013.08.18 19:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel \Data aplikací\Mozilla\Firefox\Profilesoaye6xp6.default\extensions
[2013.08.18 19:18:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pavel \Data aplikací\Mozilla\Firefox\Profilesoaye6xp6.default\extensions\staged
[2013.12.11 19:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.11 19:58:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Chrome In-App Payments service = C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2004.08.18 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\cli.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [SoundMan] C:\windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003..\Run: [CTSyncU.exe] C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003..\Run: [EPSON Stylus SX200 Series] C:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003..\Run: [SoftAuto.exe] C:\Program Files\Creative\Software Update 3\SoftAuto.exe (Creative Technology Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Hlavní panel ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} http://tw.msi.com.tw/autobios/client/iftwclix.cab (InstallFromTheWeb ActiveX Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 7102634812 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{007DF4B5-1A43-4005-88B4-D9D3B6C12FC7}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B3901ED-E4F7-4642-BCB2-07700809A2EC}: DhcpNameServer = 212.158.128.2 212.158.128.3
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ACA651D2-7DE8-4A25-803A-F6ABA0460F13}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pavel Schich\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3filter - C:\windows\System32\ac3filter.acm ()
Drivers32: msacm.at3 - C:\windows\System32\atrac3.acm ()
Drivers32: msacm.divxa32 - C:\windows\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\windows\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\windows\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.divx - C:\windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\windows\System32\ff_vfw.dll ()
Drivers32: vidc.hfyu - C:\windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.iv31 - C:\windows\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\windows\System32\ir32.dll ()
Drivers32: vidc.iv41 - C:\windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.IV45 - C:\windows\System32\ir41_qc.dll (Intel Corporation.)
Drivers32: vidc.iv50 - C:\windows\System32\ir50_32.dll (Ligos Corporation)
Drivers32: vidc.vp60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.wmv3 - C:\windows\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.xvid - C:\windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.12.12 12:24:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pavel \Plocha\OTL.exe
[2013.12.12 08:35:50 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.11 19:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.12.11 19:51:08 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Pavel \Plocha\JRT.exe
[2013.12.11 18:49:12 | 003,386,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Pavel Schich\Plocha\avg_remover_stf_x86_2014_4116.exe
[2013.12.11 18:28:18 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.11 10:42:57 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pavel \Recent

========== Files - Modified Within 7 Days ==========

[2013.12.12 13:18:50 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.12 12:24:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pavel \Plocha\OTL.exe
[2013.12.12 10:06:38 | 000,000,364 | -H-- | M] () -- C:\windows\tasks\avast! Emergency Update.job
[2013.12.12 09:55:11 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2013.12.12 09:54:56 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2013.12.12 09:54:54 | 1609,355,264 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.11 19:51:45 | 001,226,802 | ---- | M] () -- C:\Documents and Settings\Pavel \Plocha\adwcleaner.exe
[2013.12.11 19:51:22 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Pavel \Plocha\JRT.exe
[2013.12.11 18:49:27 | 003,386,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Pavel \Plocha\avg_remover_stf_x86_2014_4116.exe
[2013.12.11 18:43:50 | 000,003,286 | ---- | M] () -- C:\windows\wincmd.ini
[2013.12.11 18:26:50 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Pavel \Plocha\RSIT.exe
[2013.12.11 10:38:13 | 000,245,248 | ---- | M] () -- C:\Documents and Settings\Pavel \Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.11 10:08:03 | 000,000,069 | ---- | M] () -- C:\windows\NeroDigital.ini
[2013.12.05 18:37:22 | 000,007,212 | ---- | M] () -- C:\Documents and Settings\Pavel \Dokumenty\cc_20131205_1837.reg

========== Files Created - No Company Name ==========

[2013.12.12 13:18:50 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.11 19:51:31 | 001,226,802 | ---- | C] () -- C:\Documents and Settings\Pavel \Plocha\adwcleaner.exe
[2013.12.11 18:26:39 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Pavel \Plocha\RSIT.exe
[2013.12.05 18:37:19 | 000,007,212 | ---- | C] () -- C:\Documents and Settings\Pavel \Dokumenty\cc_20131205_1837.reg
[2013.11.23 18:33:34 | 000,178,304 | ---- | C] () -- C:\windows\System32\drivers\aswVmm.sys
[2013.11.23 18:33:34 | 000,049,944 | ---- | C] () -- C:\windows\System32\drivers\aswRvrt.sys
[2013.01.24 18:02:08 | 000,000,000 | ---- | C] () -- C:\windows\PowerReg.dat
[2013.01.11 19:28:39 | 000,000,037 | ---- | C] () -- C:\windows\CONTEXT.INI
[2012.02.15 14:30:07 | 000,003,072 | ---- | C] () -- C:\windows\System32\iacenc.dll
[2011.02.15 09:08:51 | 000,229,117 | ---- | C] () -- C:\Documents and Settings\Pavel \Local Settings\Data aplikací\SRDownloader.err
[2011.02.11 20:20:53 | 000,001,168 | ---- | C] () -- C:\Documents and Settings\Pavel \Local Settings\Data aplikací\SRDownloader.nast
[2010.05.20 20:55:46 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Pavel \Data aplikací\$_hpcst$.hpc
[2009.03.06 11:23:37 | 000,245,248 | ---- | C] () -- C:\Documents and Settings\Pavel \Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.03.03 19:06:35 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Pavel \Local Settings\Data aplikací\fusioncache.dat

========== ZeroAccess Check ==========

[2009.03.03 19:01:54 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.03.06 08:27:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2013.11.23 18:32:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.12.02 15:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2013.05.25 14:41:33 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
[2013.01.26 17:26:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
[2013.01.26 17:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMSetup
[2013.01.26 17:53:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJMyPrinter
[2013.12.03 16:27:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
[2013.01.26 17:19:48 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJScan
[2013.01.26 17:24:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJSolutionMenuEX
[2013.01.26 17:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CanonIJWSpt
[2011.03.15 08:49:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.12.02 15:23:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CropBusters
[2011.03.02 15:18:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2009.05.26 14:46:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2010.03.13 17:53:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2010.12.25 11:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy3_Russia
[2013.11.16 10:14:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2010.01.11 20:25:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LangSoft
[2010.05.23 09:10:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2012.01.14 14:42:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.03.28 09:51:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL
[2009.03.28 10:38:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WinZip
[2010.01.04 15:25:12 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{615DB4DC-B7C1-4125-9858-78EF460B76D2}
[2010.01.04 15:24:55 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4028A14-0B3A-41DD-AE92-71C069AB3246}
[2013.11.23 18:43:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\AVAST Software
[2013.11.23 18:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\AVAST Software
[2010.12.09 19:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\AVG9
[2013.01.26 17:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Canon
[2009.03.15 17:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DAEMON Tools
[2011.03.02 21:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DAEMON Tools Lite
[2009.03.15 17:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DAEMON Tools Pro
[2009.03.28 15:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\EPSON
[2011.04.23 14:32:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Happy Foto
[2012.11.01 07:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\HellShare Upload Manager
[2013.03.05 14:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\HellSpy.cz Download Manager
[2011.02.24 16:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\ICQ
[2009.03.03 19:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\ICQ Toolbar
[2009.08.18 10:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\IrfanView
[2009.03.15 17:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\LangSoft
[2013.09.04 12:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Mikrotik
[2010.05.23 09:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\PC Suite
[2010.05.20 20:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Samsung
[2010.05.17 20:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Teleca
[2010.02.26 14:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.03.02 22:28:59 | 000,000,065 | RH-- | C] () -- C:\windows\Tasks\desktop.ini
[2009.03.02 22:34:14 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2013.11.23 18:33:44 | 000,000,364 | -H-- | C] () -- C:\windows\Tasks\avast! Emergency Update.job

< >

< MD5 for: ATAPI.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.03.04 13:30:14 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.03.04 13:30:14 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[2004.08.18 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.18 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.03.04 13:30:14 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.03.04 13:30:14 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.18 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.18 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.03.04 13:30:14 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.03.04 13:30:14 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.18 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.18 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2004.08.18 13:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=6E401E61F952FBBF708AFBECEFAFAE81 -- C:\WINDOWS\$NtServicePackUninstall$\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe
[2008.04.14 04:22:45 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.18 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.18 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.18 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\windows\Temp\_avast_\*.tmp files -> C:\windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.10.23 18:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Adobe
[2009.03.10 14:03:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\AdobeUM
[2009.03.22 12:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Ahead
[2009.03.28 10:01:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\ArcSoft
[2009.03.03 19:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\ATI
[2013.11.23 18:34:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\AVAST Software
[2010.12.09 19:47:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\AVG9
[2013.01.26 17:25:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Canon
[2010.01.04 15:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Creative
[2009.03.15 17:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DAEMON Tools
[2011.03.02 21:57:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DAEMON Tools Lite
[2009.03.15 17:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DAEMON Tools Pro
[2009.03.26 12:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\DivX
[2013.05.25 12:17:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\dvdcss
[2009.03.28 15:40:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\EPSON
[2009.03.15 17:28:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\GRETECH
[2011.04.23 14:32:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Happy Foto
[2012.11.01 07:47:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\HellShare Upload Manager
[2013.03.05 14:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\HellSpy.cz Download Manager
[2009.05.30 18:58:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Help
[2011.02.24 16:56:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\ICQ
[2009.03.03 19:16:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\ICQ Toolbar
[2009.03.02 22:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Identities
[2009.03.28 09:48:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\InstallShield
[2009.08.18 10:14:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\IrfanView
[2009.03.15 17:25:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\LangSoft
[2009.03.03 00:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Macromedia
[2013.11.16 16:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Malwarebytes
[2009.03.06 11:23:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Media Player Classic
[2012.10.23 18:25:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Pavel \Data aplikací\Microsoft
[2010.08.31 15:55:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Microsoft Games
[2013.09.04 12:25:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Mikrotik
[2009.03.03 19:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Mozilla
[2010.05.23 09:10:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\PC Suite
[2010.05.20 20:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Samsung
[2013.05.27 16:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Skype
[2011.07.01 08:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\skypePM
[2009.08.13 16:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Sun
[2010.05.17 20:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Teleca
[2013.12.12 12:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\vlc
[2013.12.11 11:27:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Winamp
[2010.02.26 14:32:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pavel \Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2009.05.25 15:07:20 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Pavel \Data aplikací\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013.12.12 10:06:38 | 000,000,364 | -H-- | M] () -- C:\windows\Tasks\avast! Emergency Update.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.03.15 17:06:34 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.03.02 23:18:11 | 000,094,208 | ---- | M] () -- C:\windows\System32\config\default.sav
[2009.03.02 23:18:11 | 000,663,552 | ---- | M] () -- C:\windows\System32\config\software.sav
[2009.03.02 23:18:11 | 000,471,040 | ---- | M] () -- C:\windows\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.12.12 09:55:11 | 000,002,206 | ---- | M] () -- C:\windows\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\windows\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"CTSyncU.exe" = "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" -- [2007.07.17 11:03:38 | 000,868,352 | ---- | M] ()
"EPSON Stylus SX200 Series" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_S148.tmp" /EF "HKCU" -- [2007.12.13 06:00:00 | 000,188,928 | ---- | M] (SEIKO EPSON CORPORATION)
"SoftAuto.exe" = "C:\Program Files\Creative\Software Update 3\SoftAuto.exe" -- [2008.08.13 04:49:30 | 000,405,504 | ---- | M] (Creative Technology Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.12.11 19:58:23 | 000,275,568 | ---- | M] (Mozilla Corporation) MD5=1EEA6C1B35191DC177EA83672B9C3FC0 -- C:\Program Files\Mozilla Firefox\firefox.exe
[1 C:\Program Files\Mozilla Firefox\*.tmp files -> C:\Program Files\Mozilla Firefox\*.tmp -> ]

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.10.13 08:39:29 | 000,643,312 | ---- | M] (Microsoft Corporation) MD5=9D1F3DC7C39CD0BE551B7BC70D59F31D -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.12 13:18:50 | 000,000,512 | ---- | M] () MD5=78366BF3EF6D7543624D5EB448B11D0A -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013.08.18 19:21:59 | 000,004,301 | ---- | M] () -- \Documents and Settings\Pavel \Local Settings\Data aplikací\JDownloader v2.0\jd\plugins\hoster\CrackedCom.class

< *keygen* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:39413AC3

< End of report >

tak jak to vypadá,je to v pořádku?

Omlouvam se, nejak jsem ted nestihal

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  @Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:39413AC3
  [2013.12.12 10:06:38 | 000,000,364 | -H-- | M] () -- C:\windows\Tasks\avast! Emergency Update.job
  [1 C:\windows\Temp\_avast_\*.tmp files -> C:\windows\Temp\_avast_\*.tmp -> ]
  [2013.12.11 18:49:12 | 003,386,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Documents and Settings\Pavel Schich\Plocha\avg_remover_stf_x86_2014_4116.exe
  O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
  O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
  O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe File not found
  O3 - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
  IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes,DefaultScope = 
  IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
  IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes\{6BF216FB-CE88-4F80-8ED6-476D5BA7A16E}: "URL" = http://www.google.cz/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\..\SearchScopes\search13: "URL" = http://verysafesearch.com/search.php?q={searchTerms}
  IE - HKU\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdm.sys -- (k750mdm)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus)
  DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ab9a8j7e)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

All processes killed
========== OTL ==========
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:39413AC3 deleted successfully.
C:\windows\Tasks\avast! Emergency Update.job moved successfully.
File/Folder C:\windows\Temp\_avast_\*.tmp not found.
C:\Documents and Settings\Pavel Schich\Plocha\avg_remover_stf_x86_2014_4116.exe moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Office Excel\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry value HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE5D279F-081B-4404-994D-C6B60AAEBA6D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE5D279F-081B-4404-994D-C6B60AAEBA6D}\ not found.
Registry value HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6BF216FB-CE88-4F80-8ED6-476D5BA7A16E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6BF216FB-CE88-4F80-8ED6-476D5BA7A16E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
HKU\S-1-5-21-1482476501-1614895754-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service k750obex stopped successfully!
Service k750obex deleted successfully!
File system32\DRIVERS\k750obex.sys not found.
Service k750mgmt stopped successfully!
Service k750mgmt deleted successfully!
File system32\DRIVERS\k750mgmt.sys not found.
Service k750mdm stopped successfully!
Service k750mdm deleted successfully!
File system32\DRIVERS\k750mdm.sys not found.
Service k750mdfl stopped successfully!
Service k750mdfl deleted successfully!
File system32\DRIVERS\k750mdfl.sys not found.
Service k750bus stopped successfully!
Service k750bus deleted successfully!
File system32\DRIVERS\k750bus.sys not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
Error: No service named ab9a8j7e was found to stop!
Service\Driver key ab9a8j7e not found.
Service WDICA stopped successfully!
Service WDICA deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Pavel Schich
->Temp folder emptied: 10466196 bytes
->Temporary Internet Files folder emptied: 1574287 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 269863485 bytes
->Google Chrome cache emptied: 6894958 bytes
->Flash cache emptied: 1832 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 135117 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 635449962 bytes

Total Files Cleaned = 882.00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Pavel Schich
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Pavel Schich
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12132013_083710

Files\Folders moved on Reboot...
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Už to bude v pořádku? Co mi to stále dělá,v čem je chyba?

Nastala nejaka zmena?

Jo,už se to tak neseká,ale lepší už o nebude,pc je přece jenom stařík to nejlepší už má za sebou.A na co si teda mám dávat pozor aby se mi to zase nestalo?

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Tak je to dobré,jenom by mne zajímalo na co si dávat bacha aby mi to neudělalo zase,jo a potřeboval bych ještě
pomoct pročistit jeden ntb od dětí jo?