Please check my log

Posted: 22 Dec 2013 18:41
by adams
Logfile of random's system information tool 1.09 (written by random/random)
Run by Robko at 2013-12-22 18:11:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 19 GB (28%) free of 68 GB
Total RAM: 502 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:52, on 22. 12. 2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21342)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Robko\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Robko.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = AT+CGDCONT=1,"IP","INTERNET"
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9164 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3592345433-1204030805-733229801-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3592345433-1204030805-733229801-1006UA.job
C:\WINDOWS\tasks\Low Battery Alarm Program.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Robko\Data aplikací\Mozilla\Firefox\Profiles\fj8c02xv.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
install.rdf
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
AC-Pro - C:\Program Files\AutocompletePro\AutocompletePro.dll [2010-09-13 97760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpWirelessAssistant"=C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2006-05-03 458752]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-22 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-22 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-22 118784]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-06-02 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-06-17 794713]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-06-19 163840]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-06-19 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup []
"ISUSScheduler"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe -start []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-24 2516296]
"CanonSolutionMenuEx"=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [2010-03-02 140640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-26 136176]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-watch]
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-10-09 139264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2006-09-14 157592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DaemonTools_WhenUSave_Installer]
C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-09-26 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-19 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{E611B760-A7BF-7B3C-99AB-83DD1DEFEBF4}]
C:\Documents and Settings\Robko\Data aplikací\Zisy\olatq.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~2.EXE [2007-03-06 610304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [2006-04-28 633856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Rychlý začátek s aplikací HP Photosmart Premier.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe [2005-09-24 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-22 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\AllShareDMS.exe:*:Enabled:Samsung AllShare Service"
"C:\Program Files\Samsung\AllShare\AllShare.exe"="C:\Program Files\Samsung\AllShare\AllShare.exe:*:Enabled:Samsung AllShare Player"
"C:\Program Files\Samsung\AllShare\AllShareAgent.exe"="C:\Program Files\Samsung\AllShare\AllShareAgent.exe:*:Enabled:Samsung AllShare Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.LEAD"=LCODCCMP.DLL
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"wave4"=wdmaud.drv
"wave5"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-12-22 18:12:16 ----D---- C:\Program Files\trend micro
2013-12-22 18:11:53 ----D---- C:\rsit
2013-12-22 18:09:32 ----D---- C:\WINDOWS\LastGood
2013-11-25 06:14:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-11-25 06:14:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-11-25 06:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-11-25 06:12:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-11-25 06:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-11-24 18:59:50 ----D---- C:\WINDOWS\system32\MRT
2013-11-24 18:44:52 ----D---- C:\e6f8211bcf175cb5a624f0ee704f82

======List of files/folders modified in the last 1 month======

2013-12-22 18:20:02 ----D---- C:\WINDOWS
2013-12-22 18:14:36 ----HD---- C:\WINDOWS\inf
2013-12-22 18:13:52 ----D---- C:\WINDOWS\Temp
2013-12-22 18:13:00 ----D---- C:\WINDOWS\Prefetch
2013-12-22 18:12:42 ----D---- C:\Program Files
2013-12-22 18:02:57 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-19 09:03:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-19 00:13:04 ----A---- C:\WINDOWS\NeroDigital.ini
2013-12-19 00:12:13 ----D---- C:\Documents and Settings\Robko\Data aplikací\vlc
2013-12-16 06:54:27 ----D---- C:\WINDOWS\Help
2013-12-04 09:05:55 ----A---- C:\WINDOWS\wdict32.INI
2013-12-03 16:22:57 ----D---- C:\Nová složka
2013-12-01 15:43:49 ----D---- C:\Documents and Settings\Robko\Data aplikací\dvdcss
2013-11-26 07:58:38 ----RSD---- C:\WINDOWS\assembly
2013-11-26 07:52:45 ----D---- C:\WINDOWS\Microsoft.NET
2013-11-25 06:32:44 ----D---- C:\WINDOWS\system32
2013-11-25 06:14:43 ----A---- C:\WINDOWS\imsins.BAK
2013-11-25 06:14:42 ----RSHD---- C:\WINDOWS\system32\dllcache
2013-11-25 06:05:52 ----SHD---- C:\WINDOWS\Installer
2013-11-25 06:05:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 06:04:18 ----D---- C:\WINDOWS\WinSxS
2013-11-24 17:47:06 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-04-25 20640]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-02-16 611064]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672]
R3 BCM43XX;Broadcom 802.11 ovládač sieťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-04-28 429184]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-04-11 163328]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-06-02 572928]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-20 995712]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-20 208000]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-22 1166972]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-06-17 193120]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-20 727296]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
S3 AF9035HB;AF9035 Hybrid Device; C:\WINDOWS\System32\Drivers\AF9035HB.sys [2010-09-23 863616]
S3 ach957x6;ach957x6; C:\WINDOWS\system32\drivers\ach957x6.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-10-23 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CXSONORA;AVerMedia 23885 AvStream Video Capture; C:\WINDOWS\system32\drivers\A885VCap.sys [2007-03-06 707328]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2003-09-23 7296]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETw3x32;Ovladač adaptéru Intel(R) PRO/Wireless 3945ABG pro Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-09-28 1709696]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
S3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
S3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2006-07-06 47744]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 STIrUsb;SigmaTel USB-IrDA Dongle; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 Usblink;Usblink Driver; C:\WINDOWS\System32\Drivers\ulink.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-03 198336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-30 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-03 2528960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-08 117656]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-02-08 212480]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: please check my log

Posted: 23 Dec 2013 00:46
by vyosek
Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then a log will appear; it may also be saved as c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Run the update
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for an assessment

Re: please check my log

Posted: 23 Dec 2013 13:01
by adams
I can't get AdwCleaner to run. In Task Manager I see that the svchost.exe process is loading the CPU at 100 percent.

Re: please check my log

Posted: 23 Dec 2013 13:33
by adams
I turned off automatic updates, restarted the PC, and AdwCleaner now runs.

Re: please check my log

Posted: 23 Dec 2013 13:38
by adams
# AdwCleaner v3.016 - Report created 23/12/2013 at 13:33:55
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Robko - ROBO
# Running from : C:\Documents and Settings\Robko\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\AutocompletePro
Folder Deleted : C:\Documents and Settings\Robko\Local Settings\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\Robko\Data aplikací\OpenCandy
[!] Folder Deleted : C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk
File Deleted : C:\Documents and Settings\Robko\Data aplikací\Mozilla\Firefox\Profiles\fj8c02xv.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\AutocompleteProBHO
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\VDownloader\OpenCandy
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21342


-\\ Mozilla Firefox v23.0 (sk)

[ File : C:\Documents and Settings\Robko\Data aplikací\Mozilla\Firefox\Profiles\fj8c02xv.default\prefs.js ]


[ File : C:\Documents and Settings\Ľudka\Data aplikací\Mozilla\Firefox\Profiles\xzfddbqe.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3029 octets] - [23/12/2013 13:31:45]
AdwCleaner[S0].txt - [3006 octets] - [23/12/2013 13:33:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3066 octets] ##########

Re: please check my log

Posted: 23 Dec 2013 16:36
by adams
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.23.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Robko :: ROBO [administrátor]

23. 12. 2013 13:42:18
MBAM-log-2013-12-23 (16-29-34).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 334880
Uplynulý čas: 1 hodin, 44 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 11
C:\Program Files\DAEMON Tools\SetupDTSB.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Robko\Data aplikací\OpenCandy\OpenCandy_BB0CE30F011A4872A575FB42DB29D5FA\DLMgr_3_1.6.87.exe.vir (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\GPSve.v1.17.exe (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\GPSve.v1.17.zip (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\msvcrt.dll (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\GPSve.v1.17\msvcrt.dll (Malware.Packer.Gen) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Plocha\winbox.exe (Trojan.Downloader) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Plocha\Nepoužívané odkazy plochy\daemon406-x86.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Plocha\programy\Norton Internet Security 2007 XP\keygen.exe (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\Robko\Plocha\programy\Norton Internet Security 2007 XP\KeyGen.rar (Malware.Packer.Krunchy) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{AE2BA988-D558-49B7-87F9-F2AF1D12C675}\RP1201\A0209957.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.

(konec)
Norton Internet Security is no longer used on this PC; the free avast antivirus is used instead. The folder left over from Norton IS is old.

Re: please check my log

Posted: 24 Dec 2013 10:29
by vyosek
Delete the findings; a log will appear, and I'd like to see it.

Re: please check my log

Posted: 24 Dec 2013 14:37
by adams
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.23.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Robko :: ROBO [administrátor]

23. 12. 2013 13:42:18
mbam-log-2013-12-23 (13-42-18).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 334880
Uplynulý čas: 1 hodin, 44 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|StartMenuLogoff (PUM.Hijack.StartMenu) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 11
C:\Program Files\DAEMON Tools\SetupDTSB.exe (Adware.WhenU) -> Přesun do karantény a smazání se zdařilo.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Robko\Data aplikací\OpenCandy\OpenCandy_BB0CE30F011A4872A575FB42DB29D5FA\DLMgr_3_1.6.87.exe.vir (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\GPSve.v1.17.exe (Malware.Packer.Gen) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\GPSve.v1.17.zip (Malware.Packer.Gen) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\msvcrt.dll (Malware.Packer.Gen) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Dokumenty\Stažené soubory\GPSve.v1.17\msvcrt.dll (Malware.Packer.Gen) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Plocha\winbox.exe (Trojan.Downloader) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Plocha\Nepoužívané odkazy plochy\daemon406-x86.exe (Adware.WhenU) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Plocha\programy\Norton Internet Security 2007 XP\keygen.exe (Malware.Packer.Krunchy) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\Robko\Plocha\programy\Norton Internet Security 2007 XP\KeyGen.rar (Malware.Packer.Krunchy) -> Přesun do karantény a smazání se zdařilo.
C:\System Volume Information\_restore{AE2BA988-D558-49B7-87F9-F2AF1D12C675}\RP1201\A0209957.exe (PUP.Optional.OpenCandy) -> Přesun do karantény a smazání se zdařilo.

(konec)

Re: please check my log

Posted: 24 Dec 2013 14:39
by vyosek
Please post a log following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100

Re: please check my log

Posted: 24 Dec 2013 15:31
by adams
I can't run frstlauncher; the laptop somehow freezes.

Re: please check my log

Posted: 24 Dec 2013 15:32
by vyosek
Then just run FRST.exe

Re: please check my log

Posted: 24 Dec 2013 15:42
by adams
That one says autoit error, unable to the script file

Re: please check my log

Posted: 24 Dec 2013 15:43
by adams
I turned off avast and now it works.

Re: please check my log

Posted: 24 Dec 2013 15:45
by vyosek
Great, thanks for the finding, I'll pass it on to the author :)

Re: please check my log

Posted: 24 Dec 2013 15:49
by adams
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-12-2013
Ran by Robko (administrator) on ROBO on 24-12-2013 15:44:21
Running from C:\Documents and Settings\Robko\Plocha
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
() C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe [458752 2006-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [igfxhkcmd] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [igfxpers] - C:\WINDOWS\system32\igfxpers.exe [118784 2006-03-22] (Intel Corporation)
HKLM\...\Run: [High Definition Audio Property Page Shortcut] - C:\WINDOWS\system32\CHDAudPropShortcut.exe [61952 2006-06-02] (Windows (R) Server 2003 DDK provider)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [794713 2006-06-17] (Synaptics, Inc.)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [163840 2006-06-19] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\Cpqset.exe [40960 2006-06-19] ()
HKLM\...\Run: [RecGuard] - C:\WINDOWS\SMINST\Recguard.exe [1187840 2005-10-11] ()
HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [ISUSPM Startup] - C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
HKLM\...\Run: [ISUSScheduler] - "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe" -start
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-24] (AVAST Software)
HKCU\...\Run: [Google Update] - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2010-09-26] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [204288 2007-01-05] (Microsoft Corporation)
MountPoints2: D - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
MountPoints2: {3b74e390-3c62-11dc-8b31-000d18015461} - F:\LaunchU3.exe -a
MountPoints2: {5a71ef78-0f6d-11e1-baab-000d18015461} - G:\LaunchU3.exe -a
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-10-09] (Nero AG)
HKU\Ľudka\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [ 2006-10-09] (Nero AG)
HKU\Ľudka\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2007-01-05] (Microsoft Corporation)
HKU\Ľudka\...\Run: [Google Update] - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [ 2010-09-26] (Google Inc.)
HKU\Ľudka\...\Run: [{E611B760-A7BF-7B3C-99AB-83DD1DEFEBF4}] - "C:\Documents and Settings\Robko\Data aplikací\Zisy\olatq.exe"

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 192.168.5.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Robko\Data aplikací\Mozilla\Firefox\Profiles\fj8c02xv.default
FF Homepage: hxxp://www.google.sk/
FF NetworkProxy: "autoconfig_url", "AT+CGDCONT=1,\"IP\",\"INTERNET\""
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\Robko\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\Robko\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\31.0.1650.63\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\Robko\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\Robko\Local Settings\Data aplikac\u00ED\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (avast! WebRep) - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Robko\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S3 AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [126976 2006-06-12] (Hewlett-Packard Development Company, L.P.)
R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [198336 2006-09-03] (Symantec Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-24] (AVAST Software)
R2 BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [110592 2005-04-06] ()
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE [2528960 2006-09-03] (Symantec Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]

==================== Drivers (Whitelisted) ====================

S4 abp480n5; C:\Windows\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-18] (Microsoft Corporation)
S3 AF9035HB; C:\Windows\System32\Drivers\AF9035HB.sys [863616 2010-09-23] (ITE Technologies )
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2013-12-24] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2013-12-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-24] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2013-12-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2013-12-24] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2013-12-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-24] ()
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl5.sys [429184 2006-04-28] (Broadcom Corporation)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [20480 2005-08-31] (IVT Corporation)
R3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [20480 2005-08-31] (IVT Corporation)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [10068 2006-01-19] (IVT Corporation)
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [23000 2005-10-23] (IVT Corporation)
R3 BTHidEnum; C:\Windows\System32\DRIVERS\vbtenum.sys [11988 2005-07-29] ()
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation)
S3 BTNetFilter; C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [14312 2006-04-14] ()
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [57320 2006-05-12] (Broadcom Corporation.)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 CXSONORA; C:\Windows\System32\drivers\A885VCap.sys [707328 2007-03-06] (AVerMedia TECHNOLOGIES, Inc.)
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\Windows\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [7296 2003-09-23] (GARMIN Corp.)
R3 HdAudAddService; C:\Windows\System32\drivers\CHDAud.sys [572928 2006-06-02] (Conexant Systems Inc.)
R3 HSFHWAZL; C:\Windows\System32\DRIVERS\HSFHWAZL.sys [208000 2006-04-20] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [995712 2006-04-20] (Conexant Systems, Inc.)
S3 MPE; C:\Windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NETw3x32; C:\Windows\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-28] (Intel® Corporation)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [47744 2006-07-06] ()
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [611064 2008-02-16] ()
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [84836 2006-02-28] (IVT Corporation)
S2 aswFsBlk; No ImagePath
S1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
S3 Usblink; System32\Drivers\ulink.sys [x]
U3 abqdbxwj; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-24 15:44 - 2013-12-24 15:44 - 00015579 _____ C:\Documents and Settings\Robko\Plocha\FRST.txt
2013-12-24 15:44 - 2013-12-24 15:44 - 00000000 ____D C:\FRST
2013-12-24 15:17 - 2013-12-24 15:17 - 00000000 ____D C:\Documents and Settings\Robko\Data aplikací\AVAST Software
2013-12-24 15:12 - 2013-12-24 15:12 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-12-24 15:12 - 2013-12-24 15:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2013-12-24 14:48 - 2013-12-24 15:11 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-24 14:48 - 2013-12-24 15:11 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-24 14:48 - 2013-12-24 15:11 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-24 14:45 - 2013-12-24 14:45 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Robko\Plocha\FRSTLauncher.exe
2013-12-24 14:42 - 2013-12-24 14:42 - 01061581 _____ (Farbar) C:\Documents and Settings\Robko\Plocha\FRST.exe
2013-12-23 13:40 - 2013-12-23 13:40 - 00000000 ____D C:\Documents and Settings\Robko\Data aplikací\Malwarebytes
2013-12-23 13:39 - 2013-12-23 13:39 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-23 13:39 - 2013-12-23 13:39 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-23 13:39 - 2013-12-23 13:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-23 13:39 - 2013-12-23 13:39 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-23 13:39 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-23 13:31 - 2013-12-23 13:34 - 00000000 ____D C:\AdwCleaner
2013-12-23 13:20 - 2013-12-23 13:22 - 00027814 _____ C:\WINDOWS\KB2888505-IE7.log
2013-12-23 13:18 - 2013-12-23 13:25 - 00003875 _____ C:\WINDOWS\KB2876331.log
2013-12-23 12:28 - 2013-12-23 12:23 - 10284816 ____N (Malwarebytes Corporation ) C:\Documents and Settings\Robko\Plocha\mbam-setup.exe
2013-12-23 12:27 - 2013-12-23 12:21 - 01233962 ____N C:\Documents and Settings\Robko\Plocha\adwcleaner.exe
2013-12-22 22:49 - 2013-12-22 22:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-12-22 22:48 - 2013-12-22 22:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-12-22 19:49 - 2013-12-22 19:50 - 00000000 ____D C:\f6b5e098b9e215d1cb8298c5afa882
2013-12-22 18:15 - 2013-08-09 01:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-12-22 18:15 - 2013-08-09 01:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-12-22 18:15 - 2013-08-09 01:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-12-22 18:15 - 2009-03-18 12:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-12-22 18:12 - 2013-12-22 18:15 - 00000000 ____D C:\Program Files\trend micro
2013-12-22 18:11 - 2013-12-22 18:36 - 00000000 ____D C:\rsit
2013-11-25 06:14 - 2013-11-25 06:14 - 00005232 _____ C:\WINDOWS\KB2834904-v2.log
2013-11-25 06:14 - 2013-11-25 06:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-11-25 06:14 - 2013-11-25 06:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-11-25 06:14 - 2013-11-25 06:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-11-25 06:12 - 2013-11-25 06:13 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-11-25 06:10 - 2013-11-25 06:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-11-25 06:06 - 2013-11-25 06:11 - 00004512 _____ C:\WINDOWS\KB2863058.log
2013-11-24 18:59 - 2013-12-22 22:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-24 18:44 - 2013-11-24 18:45 - 00000000 ____D C:\e6f8211bcf175cb5a624f0ee704f82
2013-11-24 18:09 - 2013-11-24 18:09 - 00003203 _____ C:\WINDOWS\KB2876315.log
2013-11-24 18:08 - 2013-12-22 22:49 - 00009388 _____ C:\WINDOWS\KB2876217.log
2013-11-24 18:08 - 2013-11-24 18:08 - 00029409 _____ C:\WINDOWS\KB2870699-IE7.log
2013-11-24 17:58 - 2013-11-25 06:14 - 00010422 _____ C:\WINDOWS\KB2864063.log
2013-11-24 17:47 - 2013-11-25 06:14 - 00009382 _____ C:\WINDOWS\KB2850869.log
2013-11-24 17:27 - 2013-11-25 06:13 - 00013735 _____ C:\WINDOWS\KB2859537.log

==================== One Month Modified Files and Folders =======

2013-12-24 15:44 - 2013-12-24 15:44 - 00015579 _____ C:\Documents and Settings\Robko\Plocha\FRST.txt
2013-12-24 15:44 - 2013-12-24 15:44 - 00000000 ____D C:\FRST
2013-12-24 15:44 - 2007-02-16 21:58 - 00000000 ____D C:\Documents and Settings\Robko\Plocha
2013-12-24 15:42 - 2013-02-10 12:08 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-12-24 15:35 - 2006-05-10 13:26 - 01510273 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-24 15:35 - 2006-05-10 13:26 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-24 15:34 - 2006-05-10 14:29 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-24 15:34 - 2006-05-10 14:29 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-24 15:34 - 2006-05-10 13:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-24 15:31 - 2010-09-26 12:05 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592345433-1204030805-733229801-1006UA.job
2013-12-24 15:17 - 2013-12-24 15:17 - 00000000 ____D C:\Documents and Settings\Robko\Data aplikací\AVAST Software
2013-12-24 15:17 - 2007-02-16 21:58 - 00000000 ___HD C:\Documents and Settings\Robko\Data aplikací
2013-12-24 15:14 - 2007-02-17 01:52 - 00000012 _____ C:\WINDOWS\bthservsdp.dat
2013-12-24 15:14 - 2007-02-16 21:58 - 00000272 ___SH C:\Documents and Settings\Robko\ntuser.ini
2013-12-24 15:14 - 2006-05-10 13:26 - 00032624 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-24 15:13 - 2007-02-16 21:58 - 00000000 ____D C:\Documents and Settings\Robko
2013-12-24 15:12 - 2013-12-24 15:12 - 00001733 _____ C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2013-12-24 15:12 - 2013-12-24 15:12 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
2013-12-24 15:12 - 2013-03-02 17:09 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-12-24 15:12 - 2007-02-17 06:26 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-12-24 15:11 - 2013-12-24 14:48 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-12-24 15:11 - 2013-12-24 14:48 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-12-24 15:11 - 2013-12-24 14:48 - 00049944 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-12-24 15:11 - 2013-02-10 12:09 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-12-24 15:11 - 2013-02-10 12:08 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-12-24 15:11 - 2013-02-10 12:08 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-12-24 15:11 - 2013-02-10 12:08 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-12-24 15:11 - 2013-02-10 12:07 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-12-24 15:11 - 2013-02-10 12:07 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-12-24 14:55 - 2013-05-20 16:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-24 14:52 - 2013-02-10 12:06 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-24 14:47 - 2006-05-10 12:34 - 00002504 _____ C:\WINDOWS\system32\CONFIG.NT
2013-12-24 14:45 - 2013-12-24 14:45 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Robko\Plocha\FRSTLauncher.exe
2013-12-24 14:42 - 2013-12-24 14:42 - 01061581 _____ (Farbar) C:\Documents and Settings\Robko\Plocha\FRST.exe
2013-12-24 14:32 - 2007-02-21 16:35 - 00059904 _____ C:\Documents and Settings\Robko\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-24 14:30 - 2010-04-17 02:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB980232$
2013-12-24 14:27 - 2010-01-29 20:47 - 00000000 ____D C:\Documents and Settings\Robko\Dokumenty\Stažené soubory
2013-12-24 14:27 - 2008-02-16 19:19 - 00000000 ____D C:\Program Files\DAEMON Tools
2013-12-24 14:27 - 2007-05-18 08:34 - 00000000 ____D C:\Documents and Settings\Robko\Plocha\Nepoužívané odkazy plochy
2013-12-24 13:31 - 2010-09-26 12:05 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3592345433-1204030805-733229801-1006Core.job
2013-12-24 12:56 - 2013-05-20 16:16 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-24 12:56 - 2011-10-01 06:06 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-24 08:34 - 2010-09-26 12:09 - 00002269 _____ C:\Documents and Settings\Robko\Plocha\Google Chrome.lnk
2013-12-23 13:40 - 2013-12-23 13:40 - 00000000 ____D C:\Documents and Settings\Robko\Data aplikací\Malwarebytes
2013-12-23 13:39 - 2013-12-23 13:39 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2013-12-23 13:39 - 2013-12-23 13:39 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-23 13:39 - 2013-12-23 13:39 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2013-12-23 13:39 - 2013-12-23 13:39 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-23 13:39 - 2007-02-17 06:26 - 00000000 ___HD C:\Documents and Settings\All Users\Data aplikací
2013-12-23 13:34 - 2013-12-23 13:31 - 00000000 ____D C:\AdwCleaner
2013-12-23 13:33 - 2007-02-16 21:58 - 00000000 ___HD C:\Documents and Settings\Robko\Local Settings\Data aplikací
2013-12-23 13:25 - 2013-12-23 13:18 - 00003875 _____ C:\WINDOWS\KB2876331.log
2013-12-23 13:22 - 2013-12-23 13:20 - 00027814 _____ C:\WINDOWS\KB2888505-IE7.log
2013-12-23 12:50 - 2007-02-17 06:27 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-12-23 12:23 - 2013-12-23 12:28 - 10284816 ____N (Malwarebytes Corporation ) C:\Documents and Settings\Robko\Plocha\mbam-setup.exe
2013-12-23 12:21 - 2013-12-23 12:27 - 01233962 ____N C:\Documents and Settings\Robko\Plocha\adwcleaner.exe
2013-12-23 07:59 - 2007-02-19 12:26 - 00000229 _____ C:\WINDOWS\NeroDigital.ini
2013-12-22 22:53 - 2009-12-26 10:22 - 01028828 _____ C:\WINDOWS\setupapi.log.0.old
2013-12-22 22:49 - 2013-12-22 22:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876217$
2013-12-22 22:49 - 2013-11-24 18:08 - 00009388 _____ C:\WINDOWS\KB2876217.log
2013-12-22 22:49 - 2006-05-10 13:02 - 01150085 _____ C:\WINDOWS\tsoc.log
2013-12-22 22:49 - 2006-05-10 13:02 - 00469071 _____ C:\WINDOWS\iis6.log
2013-12-22 22:49 - 2006-05-10 12:47 - 02953469 _____ C:\WINDOWS\FaxSetup.log
2013-12-22 22:49 - 2006-05-10 12:47 - 01468257 _____ C:\WINDOWS\ocgen.log
2013-12-22 22:49 - 2006-05-10 12:47 - 00964788 _____ C:\WINDOWS\comsetup.log
2013-12-22 22:49 - 2006-05-10 12:47 - 00588218 _____ C:\WINDOWS\ntdtcsetup.log
2013-12-22 22:49 - 2006-05-10 12:47 - 00179683 _____ C:\WINDOWS\ocmsn.log
2013-12-22 22:49 - 2006-05-10 12:47 - 00150025 _____ C:\WINDOWS\msgsocm.log
2013-12-22 22:49 - 2006-05-10 12:47 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-22 22:49 - 2006-05-10 12:46 - 00403394 _____ C:\WINDOWS\updspapi.log
2013-12-22 22:48 - 2013-12-22 22:48 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-12-22 22:48 - 2006-05-10 12:47 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-22 22:44 - 2013-11-24 18:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-22 21:21 - 2013-03-01 17:32 - 00000000 ____D C:\Nová složka
2013-12-22 19:50 - 2013-12-22 19:49 - 00000000 ____D C:\f6b5e098b9e215d1cb8298c5afa882
2013-12-22 19:01 - 2006-05-10 14:26 - 00000227 _____ C:\WINDOWS\system.ini
2013-12-22 19:01 - 2006-05-10 12:34 - 00000603 _____ C:\WINDOWS\win.ini
2013-12-22 19:01 - 2006-05-10 12:29 - 00000211 __RSH C:\boot.ini
2013-12-22 18:36 - 2013-12-22 18:11 - 00000000 ____D C:\rsit
2013-12-22 18:15 - 2013-12-22 18:12 - 00000000 ____D C:\Program Files\trend micro
2013-12-19 00:12 - 2012-04-23 06:14 - 00000000 ____D C:\Documents and Settings\Robko\Data aplikací\vlc
2013-12-16 06:54 - 2007-02-17 06:27 - 00000000 ____D C:\WINDOWS\Help
2013-12-04 09:05 - 2012-04-06 18:30 - 00003441 _____ C:\WINDOWS\wdict32.INI
2013-12-02 06:19 - 2007-02-16 21:58 - 00000000 ___RD C:\Documents and Settings\Robko\Dokumenty
2013-12-01 15:43 - 2009-11-15 21:09 - 00000000 ____D C:\Documents and Settings\Robko\Data aplikací\dvdcss
2013-11-25 06:14 - 2013-11-25 06:14 - 00005232 _____ C:\WINDOWS\KB2834904-v2.log
2013-11-25 06:14 - 2013-11-25 06:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2864063$
2013-11-25 06:14 - 2013-11-25 06:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-11-25 06:14 - 2013-11-25 06:14 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-11-25 06:14 - 2013-11-24 17:58 - 00010422 _____ C:\WINDOWS\KB2864063.log
2013-11-25 06:14 - 2013-11-24 17:47 - 00009382 _____ C:\WINDOWS\KB2850869.log
2013-11-25 06:13 - 2013-11-25 06:12 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-11-25 06:13 - 2013-11-24 17:27 - 00013735 _____ C:\WINDOWS\KB2859537.log
2013-11-25 06:11 - 2013-11-25 06:06 - 00004512 _____ C:\WINDOWS\KB2863058.log
2013-11-25 06:10 - 2013-11-25 06:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-11-25 06:10 - 2007-02-28 10:32 - 00888024 _____ C:\WINDOWS\system32\TZLog.log
2013-11-25 06:05 - 2006-05-10 12:41 - 01015106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-24 18:45 - 2013-11-24 18:44 - 00000000 ____D C:\e6f8211bcf175cb5a624f0ee704f82
2013-11-24 18:09 - 2013-11-24 18:09 - 00003203 _____ C:\WINDOWS\KB2876315.log
2013-11-24 18:08 - 2013-11-24 18:08 - 00029409 _____ C:\WINDOWS\KB2870699-IE7.log

Some content of TEMP:
====================
C:\Documents and Settings\Robko\Local Settings\Temp\01365924046921.exe
C:\Documents and Settings\Robko\Local Settings\Temp\01365924046937.exe
C:\Documents and Settings\Robko\Local Settings\Temp\DevSetup32.dll
C:\Documents and Settings\Robko\Local Settings\Temp\DevSetup64.dll
C:\Documents and Settings\Robko\Local Settings\Temp\dotnet2.0.exe
C:\Documents and Settings\Robko\Local Settings\Temp\DriverInstall32.exe
C:\Documents and Settings\Robko\Local Settings\Temp\DriverInstall64.exe
C:\Documents and Settings\Robko\Local Settings\Temp\GUR2.exe
C:\Documents and Settings\Robko\Local Settings\Temp\hpzmsi01.exe
C:\Documents and Settings\Robko\Local Settings\Temp\hpzscr01.exe
C:\Documents and Settings\Robko\Local Settings\Temp\i4jdel0.exe
C:\Documents and Settings\Robko\Local Settings\Temp\KillProcess.exe
C:\Documents and Settings\Robko\Local Settings\Temp\MSETUP4.EXE
C:\Documents and Settings\Robko\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Robko\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Robko\Local Settings\Temp\vlc-2.0.5-win32.exe
C:\Documents and Settings\Robko\Local Settings\Temp\{35D45CCB-ED27-4775-BA8F-11F28D00E664}-GoogleUpdateSetup.exe
C:\Documents and Settings\Robko\Local Settings\Temp\{5ACD9FCC-65DD-472A-9A86-4F679F3B28AD}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-18 22:00] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-18 22:00] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-18 22:00] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-18 22:00] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-18 22:00] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-18 22:00] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-18 22:00] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================