Mom - as a precaution

Posted: 25 Dec 2013 15:17
by MEL4
Good day,
please check this system. The notebook belongs to my mom; she complains that it is "kind of slow". :)
I cleaned the registry (CCleaner) and updated the system.

Thanks

Log attached:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mama at 2013-12-25 15:12:19
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 44 GB (77%) free of 57 GB
Total RAM: 511 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:12:34, on 25.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mama\Dokumenty\Downloads\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Mama.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\bc340a08-584e-4ad6-996b-b01ff64817aa.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BrowserChoice] "C:\WINDOWS\system32\browserchoice.exe" /run
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 7155 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-09-24 362928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-07 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-16 194640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-16 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-09-24 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-09-24 80304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-07 606544]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-16 194640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2003-10-08 159744]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-12-12 88363]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-12-19 4730880]
"nwiz"=nwiz.exe /install []
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2003-12-11 241664]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\bc340a08-584e-4ad6-996b-b01ff64817aa.exe [2013-11-24 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-07 3568312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-14 39408]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"BrowserChoice"=C:\WINDOWS\system32\browserchoice.exe [2010-02-12 293376]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL

======List of files/folders created in the last 1 month======

2013-12-25 15:12:23 ----D---- C:\Program Files\trend micro
2013-12-25 15:12:19 ----D---- C:\rsit
2013-12-25 14:28:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-25 14:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-25 14:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-25 14:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-25 14:19:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-24 17:57:10 ----D---- C:\Program Files\CCleaner
2013-12-09 13:15:31 ----D---- C:\Documents and Settings\Mama\Data aplikací\AVAST Software
2013-12-07 23:12:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-12-07 23:12:23 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-11-30 17:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-30 16:43:33 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-11-30 16:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$

======List of files/folders modified in the last 1 month======

2013-12-25 15:12:23 ----RD---- C:\Program Files
2013-12-25 14:54:08 ----D---- C:\WINDOWS
2013-12-25 14:52:29 ----D---- C:\WINDOWS\Temp
2013-12-25 14:46:20 ----D---- C:\WINDOWS\Debug
2013-12-25 14:43:35 ----D---- C:\WINDOWS\system32
2013-12-25 14:42:47 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-12-25 14:42:47 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-25 14:33:35 ----RSD---- C:\WINDOWS\assembly
2013-12-25 14:30:56 ----HD---- C:\WINDOWS\inf
2013-12-25 14:30:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-25 14:30:24 ----D---- C:\Program Files\Internet Explorer
2013-12-25 14:29:35 ----D---- C:\WINDOWS\ie8updates
2013-12-25 14:28:50 ----D---- C:\WINDOWS\Prefetch
2013-12-25 14:24:43 ----D---- C:\WINDOWS\Microsoft.NET
2013-12-25 14:23:21 ----D---- C:\WINDOWS\system32\MRT
2013-12-25 14:21:48 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-25 14:10:01 ----SHD---- C:\WINDOWS\Installer
2013-12-25 14:09:57 ----SHD---- C:\Config.Msi
2013-12-25 14:09:21 ----D---- C:\Program Files\Common Files
2013-12-25 14:09:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-13 23:52:47 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-09 13:49:42 ----D---- C:\WINDOWS\system32\XPSViewer
2013-12-09 13:14:11 ----D---- C:\WINDOWS\system32\drivers
2013-12-07 23:22:32 ----SD---- C:\WINDOWS\Tasks
2013-12-07 23:21:39 ----D---- C:\WINDOWS\WinSxS
2013-12-07 23:21:25 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-12-07 23:13:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-07 23:00:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-30 16:47:27 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-12-07 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-07 178304]
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS\System32\drivers\btkrnl.sys [2003-10-28 1258138]
R0 DevUpper;TI UltraMedia CardBus Controller Filter Driver; C:\WINDOWS\System32\DRIVERS\tiumflt.sys [2003-12-18 8448]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [2003-12-02 21120]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 AmdK8;Ovladač procesoru AMD Athlon64; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2003-11-07 37888]
R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\System32\drivers\EABFiltr.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\System32\drivers\btslbcsp.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.0.0; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [2013-05-14 15584]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-12-22 100384]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-12-12 1205292]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BCM43XX;BCM 802.11b ovladač síťového adaptéru; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2003-12-04 286848]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2003-10-28 52888]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-12-19 1390218]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2003-10-23 46976]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-10-30 593408]
R3 tiumfwl;tiumfwl; C:\WINDOWS\system32\drivers\tiumfwl.sys [2003-12-18 42092]
R3 VIAIRDA;VIA Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\viairda.sys [2003-04-04 24244]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-10-08 94601]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-07 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2003-09-12 135168]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-09-24 158128]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-12-19 73728]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WLTRYSVC;WLTRYSVC; C:\WINDOWS\System32\wltrysvc.exe [2003-12-04 45056]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-14 194032]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Mom - as a precaution

Posted: 25 Dec 2013 16:10
by Márty84
Hello :)

:arrow: Uninstall Google Toolbar

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and the program will start working.
When it finishes, it will spit out a log (if not, you will find it at C:\AdwCleaner\AdwCleaner[R?].txt ); copy it here for me.

Re: Mom - as a precaution

Posted: 25 Dec 2013 17:00
by MEL4
Hello, done.

Log:

# AdwCleaner v3.016 - Report created 25/12/2013 at 16:55:47
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mama - MAMAM
# Running from : C:\Documents and Settings\Mama\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v31.0.1650.63

[ File : C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [661 octets] - [25/12/2013 16:55:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [720 octets] ##########


Edited:
Oops,
although there was nothing in the results (on the first tab), I still clicked Clear and it apparently deleted something. :)
Did I mess it up?

A new log, just to be sure:

# AdwCleaner v3.016 - Report created 25/12/2013 at 17:09:27
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mama - MAMAM
# Running from : C:\Documents and Settings\Mama\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v31.0.1650.63

[ File : C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [799 octets] - [25/12/2013 16:55:47]
AdwCleaner[R1].txt - [720 octets] - [25/12/2013 17:09:27]
AdwCleaner[S0].txt - [859 octets] - [25/12/2013 17:01:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [838 octets] ##########

Re: Mom - as a precaution

Posted: 25 Dec 2013 17:33
by Márty84
MEL4 wrote: .....Did I mess it up?
It's fine, nothing should happen :)


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste here (Ctrl + V) what gets copied (it is stored in memory).


:arrow: Run a !!!full!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Mom - as a precaution

Posted: 25 Dec 2013 18:57
by MEL4
Crystal:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/12/25 17:49:30

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- HITACHI_DK23FA-60
+ Sekundární kanál IDE (1)
- HL-DT-ST RW/DVD GCC-4241N

-- Disk List ---------------------------------------------------------------
(1) HITACHI_DK23FA-60 : 60,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HITACHI_DK23FA-60
----------------------------------------------------------------------------
Model : HITACHI_DK23FA-60
Firmware : 00M4A0A0
Serial Number : 2WE317
Disk Size : 60,0 GB (8,4/60,0/----)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 117210240
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-5
Minor Version : ATA/ATAPI-5 T13 1321D version 3
Transfer Mode : Ultra DMA/100
Power On Hours : 23994 hod.
Power On Count : 5644 krát
Temparature : 51 C (123 F)
Health Status : Pozor
Features : S.M.A.R.T., APM
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _67 _50 000800000160 Počet chyb čtení
02 100 100 _50 0000000057A8 Průchodnost disku
03 100 100 _50 000000000000 Čas na roztočení ploten
04 _95 _95 __0 00000000167E Počet spuštění/zastavení
05 _39 _39 _10 00000000064E Počet přemapovaných sektorů
07 100 100 _50 000000000118 Počet chybných hledání
08 100 100 _50 000000000475 Čas potřebný na vyhledání
09 _53 _53 __0 00000015F7C9 Hodin v činnosti
0A 100 100 _50 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _95 _95 __0 00000000160C Počet cyklů zapnutí zařízení
BF 100 _82 __0 00000010FFFF Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000093 Počet vypnutí disku
C1 _19 _19 __0 077583077617 Počet cyklů načítání/vymazání
C2 _78 _46 __0 000800430033 Teplota
C3 100 __1 __0 00000000F4EC Počet oprav chybného čtení
C4 __1 __1 __0 000000000648 Počet udalostí s číslem realokování sektorů
C5 100 _82 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000001 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 _50 000000000000 Počet chyb při zápisu sektorů
C9 100 100 __0 000000000004 Počet chyb při čtení programů z disku
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E6 _64 _64 __0 00000010B884 Zesílené chvění hlaviček
FA 100 __1 __0 000000000342 Počet chyb po dobu čtení z disku



And the rest:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.25.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Mama :: MAMAM [administrátor]

Ochrana: Povolena

25.12.2013 18:13:31
mbam-log-2013-12-25 (18-13-31).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 213993
Uplynulý čas: 41 minut, 22 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Mom - as a precaution

Posted: 25 Dec 2013 19:59
by Márty84
The disk is in quite bad shape and that may be the cause of the problem. We will try to finish the cleanup and we will see :?:


:arrow: Uninstall MBAM


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Otevřít normálně (Open normally)
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop and run it.
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Zpráva (Report) and a log will appear. Paste it here for me.

Re: Mom - as a precaution

Posted: 25 Dec 2013 20:58
by MEL4
Hmm, it is old enough for that (the disk, that is).

Log:

RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mama [Práva správce]
Mód : Kontrola -- Datum : 12/25/2013 20:55:48
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 1 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[All Users][SUSP UNIC] BTTray.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\BTTray.lnk [-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) HITACHI_DK23FA-60 +++++
--- User ---
[MBR] e77619c6b23cb4cd23f995a387d4147a
[BSP] fa97a37810d3a9e776b2f987e0887771 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 56996 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_12252013_205548.txt >>

Re: Mom - as a precaution

Posted: 25 Dec 2013 21:05
by Márty84
I hope she has her data backed up. It reports really a lot of errors (the disk).


:arrow: Run RogueKiller again (if you have not closed it yet, click Smazat (Delete) right away)
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zpráva (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Host) and Zpráva (Report).
Another log will appear. Paste that one here for me as well.

Re: Mom - as a precaution

Posted: 25 Dec 2013 21:15
by MEL4
The notebook is only for the internet; so far there is practically no data to back up.
No problem in that respect. The question is rather whether the notebook will survive with this disk or not. :)

log 1:
RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mama [Práva správce]
Mód : Odebrat -- Datum : 12/25/2013 21:11:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) HITACHI_DK23FA-60 +++++
--- User ---
[MBR] e77619c6b23cb4cd23f995a387d4147a
[BSP] fa97a37810d3a9e776b2f987e0887771 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 56996 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_12252013_211125.txt >>
RKreport[0]_D_12252013_210900.txt;RKreport[0]_S_12252013_205548.txt;RKreport[0]_S_12252013_211111.txt




log2:
RogueKiller V8.7.13 [Dec 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Mama [Práva správce]
Mód : Oprava HOSTS -- Datum : 12/25/2013 21:15:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_12252013_211501.txt >>
RKreport[0]_D_12252013_210900.txt;RKreport[0]_D_12252013_211125.txt;RKreport[0]_S_12252013_205548.txt
RKreport[0]_S_12252013_211111.txt

Re: Mom - preventive check

Posted: 25 Dec 2013 21:21
by Márty84
MEL4 wrote: The question is rather whether the notebook will live with this disk or not. :)
That is the question. It may well live for some time yet, but in what condition....


:arrow: Post a new log from RSIT

Re: Mom - preventive check

Posted: 25 Dec 2013 21:32
by MEL4
Sure, I understand.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Mama at 2013-12-25 21:31:33
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 45 GB (78%) free of 57 GB
Total RAM: 511 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:31:40, on 25.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Mama\Plocha\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Mama.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.hp.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\bc340a08-584e-4ad6-996b-b01ff64817aa.exe /check
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 6249 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2013-09-24 362928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-07 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-09-24 59824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2013-09-24 80304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-07 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2003-10-08 159744]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-12-12 88363]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-12-19 4730880]
"nwiz"=nwiz.exe /install []
"eabconfg.cpl"=C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2003-12-11 241664]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"20131121"=C:\Program Files\AVAST Software\Avast\setup\emupdate\bc340a08-584e-4ad6-996b-b01ff64817aa.exe [2013-11-24 180184]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-07 3568312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL

======List of files/folders created in the last 1 month======

2013-12-25 20:55:44 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys.bak
2013-12-25 20:55:44 ----A---- C:\WINDOWS\system32\drivers\ws2ifsl.sys.bak
2013-12-25 20:55:44 ----A---- C:\WINDOWS\system32\drivers\wmilib.sys.bak
2013-12-25 20:55:43 ----A---- C:\WINDOWS\system32\drivers\wmiacpi.sys.bak
2013-12-25 20:55:43 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys.bak
2013-12-25 20:55:42 ----A---- C:\WINDOWS\system32\drivers\watv10nt.sys.bak
2013-12-25 20:55:42 ----A---- C:\WINDOWS\system32\drivers\watv06nt.sys.bak
2013-12-25 20:55:42 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys.bak
2013-12-25 20:55:41 ----A---- C:\WINDOWS\system32\drivers\wadv11nt.sys.bak
2013-12-25 20:55:41 ----A---- C:\WINDOWS\system32\drivers\wadv09nt.sys.bak
2013-12-25 20:55:40 ----A---- C:\WINDOWS\system32\drivers\wadv08nt.sys.bak
2013-12-25 20:55:40 ----A---- C:\WINDOWS\system32\drivers\wadv07nt.sys.bak
2013-12-25 20:55:39 ----A---- C:\WINDOWS\system32\drivers\wacompen.sys.bak
2013-12-25 20:55:39 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys.bak
2013-12-25 20:55:39 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys.bak
2013-12-25 20:55:38 ----A---- C:\WINDOWS\system32\drivers\viairda.sys.bak
2013-12-25 20:55:38 ----A---- C:\WINDOWS\system32\drivers\vga.sys.bak
2013-12-25 20:55:37 ----A---- C:\WINDOWS\system32\drivers\vdmindvd.sys.bak
2013-12-25 20:55:37 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys.bak
2013-12-25 20:55:37 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS.bak
2013-12-25 20:55:36 ----A---- C:\WINDOWS\system32\drivers\usbport.sys.bak
2013-12-25 20:55:36 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys.bak
2013-12-25 20:55:36 ----A---- C:\WINDOWS\system32\drivers\usbintel.sys.bak
2013-12-25 20:55:35 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys.bak
2013-12-25 20:55:35 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys.bak
2013-12-25 20:55:35 ----A---- C:\WINDOWS\system32\drivers\usbd.sys.bak
2013-12-25 20:55:34 ----A---- C:\WINDOWS\system32\drivers\usbcamd2.sys.bak
2013-12-25 20:55:34 ----A---- C:\WINDOWS\system32\drivers\usbcamd.sys.bak
2013-12-25 20:55:34 ----A---- C:\WINDOWS\system32\drivers\usb8023x.sys.bak
2013-12-25 20:55:33 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys.bak
2013-12-25 20:55:33 ----A---- C:\WINDOWS\system32\drivers\update.sys.bak
2013-12-25 20:55:32 ----A---- C:\WINDOWS\system32\drivers\udfs.sys.bak
2013-12-25 20:55:32 ----A---- C:\WINDOWS\system32\drivers\uagp35.sys.bak
2013-12-25 20:55:32 ----A---- C:\WINDOWS\system32\drivers\tunmp.sys.bak
2013-12-25 20:55:31 ----A---- C:\WINDOWS\system32\drivers\tsbvcap.sys.bak
2013-12-25 20:55:31 ----A---- C:\WINDOWS\system32\drivers\tosdvd.sys.bak
2013-12-25 20:55:28 ----A---- C:\WINDOWS\system32\drivers\tiumfwl.sys.bak
2013-12-25 20:55:26 ----A---- C:\WINDOWS\system32\drivers\tiumflt.sys.bak
2013-12-25 20:55:24 ----A---- C:\WINDOWS\system32\drivers\termdd.sys.bak
2013-12-25 20:55:23 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys.bak
2013-12-25 20:55:23 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys.bak
2013-12-25 20:55:22 ----A---- C:\WINDOWS\system32\drivers\tdi.sys.bak
2013-12-25 20:55:21 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys.bak
2013-12-25 20:55:21 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys.bak
2013-12-25 20:55:21 ----A---- C:\WINDOWS\system32\drivers\tape.sys.bak
2013-12-25 20:55:20 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys.bak
2013-12-25 20:55:20 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys.bak
2013-12-25 20:55:20 ----A---- C:\WINDOWS\system32\drivers\swenum.sys.bak
2013-12-25 20:55:20 ----A---- C:\WINDOWS\system32\drivers\streamip.sys.bak
2013-12-25 20:55:19 ----A---- C:\WINDOWS\system32\drivers\srv.sys.bak
2013-12-25 20:55:19 ----A---- C:\WINDOWS\system32\drivers\sr.sys.bak
2013-12-25 20:55:18 ----A---- C:\WINDOWS\system32\drivers\splitter.sys.bak
2013-12-25 20:55:18 ----A---- C:\WINDOWS\system32\drivers\sonydcam.sys.bak
2013-12-25 20:55:17 ----A---- C:\WINDOWS\system32\drivers\smwdm.sys.bak
2013-12-25 20:55:17 ----A---- C:\WINDOWS\system32\drivers\smsens.sys.bak
2013-12-25 20:55:17 ----A---- C:\WINDOWS\system32\drivers\smclib.sys.bak
2013-12-25 20:55:16 ----A---- C:\WINDOWS\system32\drivers\smbali.sys.bak
2013-12-25 20:55:16 ----A---- C:\WINDOWS\system32\drivers\slwdmsup.sys.bak
2013-12-25 20:55:16 ----A---- C:\WINDOWS\system32\drivers\slnthal.sys.bak
2013-12-25 20:55:15 ----A---- C:\WINDOWS\system32\drivers\slntamr.sys.bak
2013-12-25 20:55:15 ----A---- C:\WINDOWS\system32\drivers\slnt7554.sys.bak
2013-12-25 20:55:15 ----A---- C:\WINDOWS\system32\drivers\slip.sys.bak
2013-12-25 20:55:14 ----A---- C:\WINDOWS\system32\drivers\sisagp.sys.bak
2013-12-25 20:55:14 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys.bak
2013-12-25 20:55:14 ----A---- C:\WINDOWS\system32\drivers\sffp_sd.sys.bak
2013-12-25 20:55:13 ----A---- C:\WINDOWS\system32\drivers\sffp_mmc.sys.bak
2013-12-25 20:55:13 ----A---- C:\WINDOWS\system32\drivers\sffdisk.sys.bak
2013-12-25 20:55:13 ----A---- C:\WINDOWS\system32\drivers\serial.sys.bak
2013-12-25 20:55:13 ----A---- C:\WINDOWS\system32\drivers\serenum.sys.bak
2013-12-25 20:55:13 ----A---- C:\WINDOWS\system32\drivers\secdrv.sys.bak
2013-12-25 20:55:12 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys.bak
2013-12-25 20:55:12 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys.bak
2013-12-25 20:55:11 ----A---- C:\WINDOWS\system32\drivers\s3gnbm.sys.bak
2013-12-25 20:55:11 ----A---- C:\WINDOWS\system32\drivers\rtl8139.sys.bak
2013-12-25 20:55:11 ----A---- C:\WINDOWS\system32\drivers\rootmdm.sys.bak
2013-12-25 20:55:11 ----A---- C:\WINDOWS\system32\drivers\rndismpx.sys.bak
2013-12-25 20:55:11 ----A---- C:\WINDOWS\system32\drivers\rndismp.sys.bak
2013-12-25 20:55:10 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys.bak
2013-12-25 20:55:10 ----A---- C:\WINDOWS\system32\drivers\riodrv.sys.bak
2013-12-25 20:55:09 ----A---- C:\WINDOWS\system32\drivers\rio8drv.sys.bak
2013-12-25 20:55:09 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys.bak
2013-12-25 20:55:09 ----A---- C:\WINDOWS\system32\drivers\redbook.sys.bak
2013-12-25 20:55:08 ----A---- C:\WINDOWS\system32\drivers\recagent.sys.bak
2013-12-25 20:55:08 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys.bak
2013-12-25 20:55:08 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys.bak
2013-12-25 20:55:07 ----A---- C:\WINDOWS\system32\drivers\rdpcdd.sys.bak
2013-12-25 20:55:07 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys.bak
2013-12-25 20:55:06 ----A---- C:\WINDOWS\system32\drivers\rawwan.sys.bak
2013-12-25 20:55:06 ----A---- C:\WINDOWS\system32\drivers\raspti.sys.bak
2013-12-25 20:55:05 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys.bak
2013-12-25 20:55:05 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys.bak
2013-12-25 20:55:05 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys.bak
2013-12-25 20:55:04 ----A---- C:\WINDOWS\system32\drivers\rasirda.sys.bak
2013-12-25 20:55:04 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys.bak
2013-12-25 20:55:03 ----A---- C:\WINDOWS\system32\drivers\R8139n51.sys.bak
2013-12-25 20:55:02 ----A---- C:\WINDOWS\system32\drivers\ptilink.sys.bak
2013-12-25 20:55:02 ----A---- C:\WINDOWS\system32\drivers\psched.sys.bak
2013-12-25 20:55:01 ----A---- C:\WINDOWS\system32\drivers\processr.sys.bak
2013-12-25 20:55:01 ----A---- C:\WINDOWS\system32\drivers\portcls.sys.bak
2013-12-25 20:55:01 ----A---- C:\WINDOWS\system32\drivers\pcmcia.sys.bak
2013-12-25 20:55:00 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys.bak
2013-12-25 20:55:00 ----A---- C:\WINDOWS\system32\drivers\pciide.sys.bak
2013-12-25 20:54:59 ----A---- C:\WINDOWS\system32\drivers\pci.sys.bak
2013-12-25 20:54:59 ----A---- C:\WINDOWS\system32\drivers\parvdm.sys.bak
2013-12-25 20:54:59 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys.bak
2013-12-25 20:54:58 ----A---- C:\WINDOWS\system32\drivers\parport.sys.bak
2013-12-25 20:54:58 ----A---- C:\WINDOWS\system32\drivers\oprghdlr.sys.bak
2013-12-25 20:54:57 ----A---- C:\WINDOWS\system32\drivers\ohci1394.sys.bak
2013-12-25 20:54:57 ----A---- C:\WINDOWS\system32\drivers\nwlnkspx.sys.bak
2013-12-25 20:54:56 ----A---- C:\WINDOWS\system32\drivers\nwlnknb.sys.bak
2013-12-25 20:54:56 ----A---- C:\WINDOWS\system32\drivers\nwlnkfwd.sys.bak
2013-12-25 20:54:56 ----A---- C:\WINDOWS\system32\drivers\nwlnkflt.sys.bak
2013-12-25 20:54:55 ----A---- C:\WINDOWS\system32\drivers\nv_agp.SYS.bak
2013-12-25 20:54:54 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys.bak
2013-12-25 20:54:54 ----A---- C:\WINDOWS\system32\drivers\null.sys.bak
2013-12-25 20:54:53 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys.bak
2013-12-25 20:54:52 ----A---- C:\WINDOWS\system32\drivers\npfs.sys.bak
2013-12-25 20:54:52 ----A---- C:\WINDOWS\system32\drivers\nikedrv.sys.bak
2013-12-25 20:54:51 ----A---- C:\WINDOWS\system32\drivers\nic1394.sys.bak
2013-12-25 20:54:48 ----A---- C:\WINDOWS\system32\drivers\netbt.sys.bak
2013-12-25 20:54:46 ----A---- C:\WINDOWS\system32\drivers\netbios.sys.bak
2013-12-25 20:54:44 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys.bak
2013-12-25 20:54:42 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys.bak
2013-12-25 20:54:42 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys.bak
2013-12-25 20:54:41 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys.bak
2013-12-25 20:54:41 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys.bak
2013-12-25 20:54:40 ----A---- C:\WINDOWS\system32\drivers\ndis.sys.bak
2013-12-25 20:54:40 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys.bak
2013-12-25 20:54:39 ----A---- C:\WINDOWS\system32\drivers\mutohpen.sys.bak
2013-12-25 20:54:39 ----A---- C:\WINDOWS\system32\drivers\mup.sys.bak
2013-12-25 20:54:38 ----A---- C:\WINDOWS\system32\drivers\mtxparhm.sys.bak
2013-12-25 20:54:38 ----A---- C:\WINDOWS\system32\drivers\mtlstrm.sys.bak
2013-12-25 20:54:37 ----A---- C:\WINDOWS\system32\drivers\mtlmnt5.sys.bak
2013-12-25 20:54:37 ----A---- C:\WINDOWS\system32\drivers\mstee.sys.bak
2013-12-25 20:54:37 ----A---- C:\WINDOWS\system32\drivers\mssmbios.sys.bak
2013-12-25 20:54:36 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys.bak
2013-12-25 20:54:36 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys.bak
2013-12-25 20:54:36 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys.bak
2013-12-25 20:54:35 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys.bak
2013-12-25 20:54:35 ----A---- C:\WINDOWS\system32\drivers\msfs.sys.bak
2013-12-25 20:54:35 ----A---- C:\WINDOWS\system32\drivers\msdv.sys.bak
2013-12-25 20:54:34 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys.bak
2013-12-25 20:54:34 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys.bak
2013-12-25 20:54:34 ----A---- C:\WINDOWS\system32\drivers\mpe.sys.bak
2013-12-25 20:54:33 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys.bak
2013-12-25 20:54:33 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys.bak
2013-12-25 20:54:32 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys.bak
2013-12-25 20:54:32 ----A---- C:\WINDOWS\system32\drivers\modem.sys.bak
2013-12-25 20:54:32 ----A---- C:\WINDOWS\system32\drivers\mnmdd.sys.bak
2013-12-25 20:54:32 ----A---- C:\WINDOWS\system32\drivers\mf.sys.bak
2013-12-25 20:54:31 ----A---- C:\WINDOWS\system32\drivers\mdmxsdk.sys.bak
2013-12-25 20:54:31 ----A---- C:\WINDOWS\system32\drivers\mdc8021x.sys.bak
2013-12-25 20:54:31 ----A---- C:\WINDOWS\system32\drivers\mcd.sys.bak
2013-12-25 20:54:31 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys.bak
2013-12-25 20:54:30 ----A---- C:\WINDOWS\system32\drivers\ks.sys.bak
2013-12-25 20:54:29 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys.bak
2013-12-25 20:54:29 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys.bak
2013-12-25 20:54:29 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys.bak
2013-12-25 20:54:29 ----A---- C:\WINDOWS\system32\drivers\irenum.sys.bak
2013-12-25 20:54:28 ----A---- C:\WINDOWS\system32\drivers\irda.sys.bak
2013-12-25 20:54:28 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys.bak
2013-12-25 20:54:27 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys.bak
2013-12-25 20:54:27 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys.bak
2013-12-25 20:54:26 ----A---- C:\WINDOWS\system32\drivers\ipfltdrv.sys.bak
2013-12-25 20:54:26 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys.bak
2013-12-25 20:54:25 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys.bak
2013-12-25 20:54:25 ----A---- C:\WINDOWS\system32\drivers\imapi.sys.bak
2013-12-25 20:54:25 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys.bak
2013-12-25 20:54:24 ----A---- C:\WINDOWS\system32\drivers\http.sys.bak
2013-12-25 20:54:23 ----A---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys.bak
2013-12-25 20:54:23 ----A---- C:\WINDOWS\system32\drivers\hsfcxts2.sys.bak
2013-12-25 20:54:22 ----A---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys.bak
2013-12-25 20:54:22 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys.bak
2013-12-25 20:54:22 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys.bak
2013-12-25 20:54:21 ----A---- C:\WINDOWS\system32\drivers\hidir.sys.bak
2013-12-25 20:54:21 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys.bak
2013-12-25 20:54:21 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys.bak
2013-12-25 20:54:21 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys.bak
2013-12-25 20:54:20 ----A---- C:\WINDOWS\system32\drivers\gagp30kx.sys.bak
2013-12-25 20:54:20 ----A---- C:\WINDOWS\system32\drivers\ftdisk.sys.bak
2013-12-25 20:54:20 ----A---- C:\WINDOWS\system32\drivers\fsvga.sys.bak
2013-12-25 20:54:20 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys.bak
2013-12-25 20:54:19 ----A---- C:\WINDOWS\system32\drivers\frmupgr.sys.bak
2013-12-25 20:54:19 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys.bak
2013-12-25 20:54:19 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys.bak
2013-12-25 20:54:18 ----A---- C:\WINDOWS\system32\drivers\fips.sys.bak
2013-12-25 20:54:18 ----A---- C:\WINDOWS\system32\drivers\fdc.sys.bak
2013-12-25 20:54:17 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys.bak
2013-12-25 20:54:17 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys.bak
2013-12-25 20:54:17 ----A---- C:\WINDOWS\system32\drivers\eabusb.sys.bak
2013-12-25 20:54:16 ----A---- C:\WINDOWS\system32\drivers\eabfiltr.sys.bak
2013-12-25 20:54:16 ----A---- C:\WINDOWS\system32\drivers\dxgthk.sys.bak
2013-12-25 20:54:16 ----A---- C:\WINDOWS\system32\drivers\dxg.sys.bak
2013-12-25 20:54:15 ----A---- C:\WINDOWS\system32\drivers\dxapi.sys.bak
2013-12-25 20:54:15 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys.bak
2013-12-25 20:54:15 ----A---- C:\WINDOWS\system32\drivers\drmk.sys.bak
2013-12-25 20:54:15 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys.bak
2013-12-25 20:54:14 ----A---- C:\WINDOWS\system32\drivers\dmload.sys.bak
2013-12-25 20:54:14 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys.bak
2013-12-25 20:54:14 ----A---- C:\WINDOWS\system32\drivers\disk.sys.bak
2013-12-25 20:54:13 ----A---- C:\WINDOWS\system32\drivers\cpqdap01.sys.bak
2013-12-25 20:54:13 ----A---- C:\WINDOWS\system32\drivers\compbatt.sys.bak
2013-12-25 20:54:13 ----A---- C:\WINDOWS\system32\drivers\cmbatt.sys.bak
2013-12-25 20:54:12 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys.bak
2013-12-25 20:54:09 ----A---- C:\WINDOWS\system32\drivers\cinemst2.sys.bak
2013-12-25 20:54:07 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys.bak
2013-12-25 20:54:06 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys.bak
2013-12-25 20:54:06 ----A---- C:\WINDOWS\system32\drivers\cdaudio.sys.bak
2013-12-25 20:54:05 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys.bak
2013-12-25 20:54:05 ----A---- C:\WINDOWS\system32\drivers\cbidf2k.sys.bak
2013-12-25 20:54:05 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys.bak
2013-12-25 20:54:04 ----A---- C:\WINDOWS\system32\drivers\btslbcsp.sys.bak
2013-12-25 20:54:04 ----A---- C:\WINDOWS\system32\drivers\btserial.sys.bak
2013-12-25 20:54:03 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys.bak
2013-12-25 20:54:03 ----A---- C:\WINDOWS\system32\drivers\bthusb.sys.bak
2013-12-25 20:54:02 ----A---- C:\WINDOWS\system32\drivers\bthprint.sys.bak
2013-12-25 20:54:02 ----A---- C:\WINDOWS\system32\drivers\bthport.sys.bak
2013-12-25 20:54:02 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys.bak
2013-12-25 20:54:01 ----A---- C:\WINDOWS\system32\drivers\bthmodem.sys.bak
2013-12-25 20:54:01 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys.bak
2013-12-25 20:54:00 ----A---- C:\WINDOWS\system32\drivers\bridge.sys.bak
2013-12-25 20:54:00 ----A---- C:\WINDOWS\system32\drivers\beep.sys.bak
2013-12-25 20:54:00 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys.bak
2013-12-25 20:53:59 ----A---- C:\WINDOWS\system32\drivers\BCMWL5.SYS.bak
2013-12-25 20:53:59 ----A---- C:\WINDOWS\system32\drivers\bcbthub.sys.bak
2013-12-25 20:53:59 ----A---- C:\WINDOWS\system32\drivers\battc.sys.bak
2013-12-25 20:53:58 ----A---- C:\WINDOWS\system32\drivers\audstub.sys.bak
2013-12-25 20:53:57 ----A---- C:\WINDOWS\system32\drivers\atmuni.sys.bak
2013-12-25 20:53:57 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys.bak
2013-12-25 20:53:57 ----A---- C:\WINDOWS\system32\drivers\atmepvc.sys.bak
2013-12-25 20:53:56 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys.bak
2013-12-25 20:53:56 ----A---- C:\WINDOWS\system32\drivers\atinxsxx.sys.bak
2013-12-25 20:53:55 ----A---- C:\WINDOWS\system32\drivers\atinxbxx.sys.bak
2013-12-25 20:53:55 ----A---- C:\WINDOWS\system32\drivers\atintuxx.sys.bak
2013-12-25 20:53:54 ----A---- C:\WINDOWS\system32\drivers\atinttxx.sys.bak
2013-12-25 20:53:54 ----A---- C:\WINDOWS\system32\drivers\atinsnxx.sys.bak
2013-12-25 20:53:54 ----A---- C:\WINDOWS\system32\drivers\atinrvxx.sys.bak
2013-12-25 20:53:53 ----A---- C:\WINDOWS\system32\drivers\atinraxx.sys.bak
2013-12-25 20:53:53 ----A---- C:\WINDOWS\system32\drivers\atinpdxx.sys.bak
2013-12-25 20:53:53 ----A---- C:\WINDOWS\system32\drivers\atinmdxx.sys.bak
2013-12-25 20:53:52 ----A---- C:\WINDOWS\system32\drivers\atinbtxx.sys.bak
2013-12-25 20:53:52 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys.bak
2013-12-25 20:53:51 ----A---- C:\WINDOWS\system32\drivers\ati1xsxx.sys.bak
2013-12-25 20:53:51 ----A---- C:\WINDOWS\system32\drivers\ati1xbxx.sys.bak
2013-12-25 20:53:50 ----A---- C:\WINDOWS\system32\drivers\ati1tuxx.sys.bak
2013-12-25 20:53:50 ----A---- C:\WINDOWS\system32\drivers\ati1ttxx.sys.bak
2013-12-25 20:53:50 ----A---- C:\WINDOWS\system32\drivers\ati1snxx.sys.bak
2013-12-25 20:53:49 ----A---- C:\WINDOWS\system32\drivers\ati1raxx.sys.bak
2013-12-25 20:53:49 ----A---- C:\WINDOWS\system32\drivers\ati1pdxx.sys.bak
2013-12-25 20:53:48 ----A---- C:\WINDOWS\system32\drivers\ati1mdxx.sys.bak
2013-12-25 20:53:48 ----A---- C:\WINDOWS\system32\drivers\atapi.sys.bak
2013-12-25 20:53:47 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys.bak
2013-12-25 20:53:47 ----A---- C:\WINDOWS\system32\drivers\arp1394.sys.bak
2013-12-25 20:53:46 ----A---- C:\WINDOWS\system32\drivers\Apfiltr.sys.bak
2013-12-25 20:53:46 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys.bak
2013-12-25 20:53:45 ----A---- C:\WINDOWS\system32\drivers\amdk7.sys.bak
2013-12-25 20:53:45 ----A---- C:\WINDOWS\system32\drivers\amdagp.sys.bak
2013-12-25 20:53:45 ----A---- C:\WINDOWS\system32\drivers\alim1541.sys.bak
2013-12-25 20:53:44 ----A---- C:\WINDOWS\system32\drivers\AGRSM.sys.bak
2013-12-25 20:53:43 ----A---- C:\WINDOWS\system32\drivers\agpcpq.sys.bak
2013-12-25 20:53:43 ----A---- C:\WINDOWS\system32\drivers\agp440.sys.bak
2013-12-25 20:53:43 ----A---- C:\WINDOWS\system32\drivers\afd.sys.bak
2013-12-25 20:53:42 ----A---- C:\WINDOWS\system32\drivers\aec.sys.bak
2013-12-25 20:53:41 ----A---- C:\WINDOWS\system32\drivers\aeaudio.sys.bak
2013-12-25 20:53:41 ----A---- C:\WINDOWS\system32\drivers\acpiec.sys.bak
2013-12-25 20:53:40 ----A---- C:\WINDOWS\system32\drivers\acpi.sys.bak
2013-12-25 20:53:40 ----A---- C:\WINDOWS\system32\drivers\1394bus.sys.bak
2013-12-25 17:59:23 ----D---- C:\Documents and Settings\Mama\Data aplikací\Malwarebytes
2013-12-25 17:59:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-25 16:55:15 ----D---- C:\AdwCleaner
2013-12-25 15:12:23 ----D---- C:\Program Files\trend micro
2013-12-25 15:12:19 ----D---- C:\rsit
2013-12-25 14:28:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-25 14:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-25 14:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-25 14:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-25 14:19:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-24 17:57:10 ----D---- C:\Program Files\CCleaner
2013-12-09 13:15:31 ----D---- C:\Documents and Settings\Mama\Data aplikací\AVAST Software
2013-12-07 23:12:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2013-12-07 23:12:23 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2013-11-30 17:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2013-11-30 16:43:33 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-11-30 16:21:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$

======List of files/folders modified in the last 1 month======

2013-12-25 21:31:40 ----D---- C:\WINDOWS\Prefetch
2013-12-25 21:30:11 ----D---- C:\WINDOWS\system32
2013-12-25 21:11:08 ----D---- C:\WINDOWS\system32\drivers
2013-12-25 20:56:15 ----D---- C:\WINDOWS\Temp
2013-12-25 20:52:27 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-25 20:45:49 ----RD---- C:\Program Files
2013-12-25 20:45:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-25 17:02:55 ----D---- C:\WINDOWS
2013-12-25 17:02:49 ----D---- C:\Program Files\Google
2013-12-25 16:49:20 ----SHD---- C:\WINDOWS\Installer
2013-12-25 14:46:20 ----D---- C:\WINDOWS\Debug
2013-12-25 14:33:35 ----RSD---- C:\WINDOWS\assembly
2013-12-25 14:30:56 ----HD---- C:\WINDOWS\inf
2013-12-25 14:30:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-25 14:30:24 ----D---- C:\Program Files\Internet Explorer
2013-12-25 14:29:35 ----D---- C:\WINDOWS\ie8updates
2013-12-25 14:27:20 ----D---- C:\WINDOWS\system32\MRT
2013-12-25 14:24:43 ----D---- C:\WINDOWS\Microsoft.NET
2013-12-25 14:21:48 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-25 14:10:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-25 14:09:57 ----SHD---- C:\Config.Msi
2013-12-25 14:09:21 ----D---- C:\Program Files\Common Files
2013-12-13 23:52:47 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-09 13:49:42 ----D---- C:\WINDOWS\system32\XPSViewer
2013-12-07 23:22:32 ----SD---- C:\WINDOWS\Tasks
2013-12-07 23:21:39 ----D---- C:\WINDOWS\WinSxS
2013-12-07 23:21:25 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-12-07 23:13:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-12-07 23:00:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-11-30 16:47:27 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-12-07 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-07 178304]
R0 BTKRNL;Bluetooth Protocol Stack; C:\WINDOWS\System32\drivers\btkrnl.sys [2003-10-28 1258138]
R0 DevUpper;TI UltraMedia CardBus Controller Filter Driver; C:\WINDOWS\System32\DRIVERS\tiumflt.sys [2003-12-18 8448]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [2003-12-02 21120]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 AmdK8;Ovladač procesoru AMD Athlon64; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2003-11-07 37888]
R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\System32\drivers\EABFiltr.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; \??\C:\WINDOWS\system32\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\System32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\System32\drivers\btslbcsp.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.0.0; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [2013-05-14 15584]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-12-22 100384]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-12-12 1205292]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 BCM43XX;BCM 802.11b ovladač síťového adaptéru; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2003-12-04 286848]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2003-10-28 52888]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-12-19 1390218]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [2003-10-23 46976]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-10-30 593408]
R3 tiumfwl;tiumfwl; C:\WINDOWS\system32\drivers\tiumfwl.sys [2003-12-18 42092]
R3 VIAIRDA;VIA Infrared Device Driver; C:\WINDOWS\System32\DRIVERS\viairda.sys [2003-04-04 24244]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-10-08 94601]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 TrueSight;TrueSight; \??\ []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-07 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2003-09-12 135168]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2013-09-24 158128]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-12-19 73728]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WLTRYSVC;WLTRYSVC; C:\WINDOWS\System32\wltrysvc.exe [2003-12-04 45056]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-05-14 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Mom - preventive check

Posted: 25 Dec 2013 21:35
by Márty84
One more scan and then we'll start deleting. But that will probably be tomorrow; I don't expect to get to the PC much more today.


:!: If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the Open normally option.
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the items (check their boxes) Scan All Users, LOP Check and Purity Check.
Paste the following text into the bottom box:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan.
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).

Re: Mom - preventive check

Posted: 25 Dec 2013 22:37
by MEL4
Done.
OTL:
OTL logfile created on: 25.12.2013 21:49:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mama\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,98 Mb Total Physical Memory | 206,34 Mb Available Physical Memory | 40,38% Memory free
1,22 Gb Paging File | 0,89 Gb Available in Paging File | 72,85% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,66 Gb Total Space | 43,66 Gb Free Space | 78,44% Space Free | Partition Type: NTFS

Computer Name: MAMAM | User Name: Mama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.12.25 21:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mama\Plocha\OTL.exe
PRC - [2013.12.07 23:21:12 | 003,568,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.12.07 23:21:10 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003.12.11 07:50:04 | 000,241,664 | ---- | M] (Hewlett-Packard ) -- C:\Program Files\HPQ\Quick Launch Buttons\eabservr.exe
PRC - [2003.09.12 10:45:20 | 001,130,580 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2003.09.12 10:42:00 | 000,503,869 | ---- | M] (WIDCOMM, Inc.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2013.12.25 10:43:14 | 002,153,984 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13122500\algo.dll
MOD - [2013.12.07 23:21:22 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.12.04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013.12.04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013.12.04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2003.12.04 13:31:00 | 000,147,456 | ---- | M] () -- C:\WINDOWS\system32\ssleay32.dll
MOD - [2003.12.04 13:30:58 | 000,651,264 | ---- | M] () -- C:\WINDOWS\system32\libeay32.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.13 23:53:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.07 23:21:10 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.12.07 23:21:27 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.12.07 23:21:27 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.12.07 23:21:27 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.12.07 23:21:27 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.12.07 23:21:26 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.12.07 23:21:26 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.12.07 23:21:26 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013.12.07 23:21:26 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013.05.14 10:59:57 | 000,015,584 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2003.12.18 07:02:00 | 000,042,092 | ---- | M] (Texas Instruments Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tiumfwl.sys -- (tiumfwl)
DRV - [2003.12.18 07:02:00 | 000,008,448 | ---- | M] (Texas Instruments Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tiumflt.sys -- (DevUpper)
DRV - [2003.12.12 15:09:38 | 001,205,292 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.12.04 13:29:58 | 000,286,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003.12.02 15:27:00 | 000,021,120 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2003.10.28 17:16:28 | 001,258,138 | R--- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2003.10.28 17:16:28 | 000,052,888 | R--- | M] (WIDCOMM, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2003.10.23 16:11:00 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2003.10.08 04:40:00 | 000,094,601 | R--- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003.09.12 10:12:46 | 000,022,183 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2003.09.12 10:12:14 | 000,222,876 | ---- | M] (WIDCOMM, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2003.08.18 14:57:52 | 000,007,080 | R--- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2003.06.06 12:46:16 | 000,005,220 | R--- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabusb.sys -- (eabusb)
DRV - [2003.04.04 10:14:00 | 000,024,244 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viairda.sys -- (VIAIRDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... VV_csCZ536
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_45: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Kitten By RB Themes = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dpmniaikgbkdflminljiiligejfnblnm\1.0_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Mama\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.12.25 21:15:01 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\bc340a08-584e-4ad6-996b-b01ff64817aa.exe (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_45)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/aut ... s-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_45)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{155F38D9-A4B4-4F72-B274-796A83F87905}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Mama\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Mama\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.05.14 10:27:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: MIDI1 - C:\WINDOWS\System32\Syncor11.dll (SoundMAX)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.12.25 21:47:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Mama\Plocha\OTL.exe
[2013.12.25 20:55:44 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2013.12.25 20:55:42 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys.bak
[2013.12.25 20:55:42 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys.bak
[2013.12.25 20:55:41 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys.bak
[2013.12.25 20:55:41 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys.bak
[2013.12.25 20:55:40 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys.bak
[2013.12.25 20:55:40 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys.bak
[2013.12.25 20:55:39 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2013.12.25 20:55:38 | 000,024,244 | ---- | C] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\viairda.sys.bak
[2013.12.25 20:55:37 | 000,058,112 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2013.12.25 20:55:36 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2013.12.25 20:55:36 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2013.12.25 20:55:35 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2013.12.25 20:55:34 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2013.12.25 20:55:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2013.12.25 20:55:33 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2013.12.25 20:55:31 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2013.12.25 20:55:31 | 000,021,376 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2013.12.25 20:55:28 | 000,042,092 | ---- | C] (Texas Instruments Inc.) -- C:\WINDOWS\System32\drivers\tiumfwl.sys.bak
[2013.12.25 20:55:26 | 000,008,448 | ---- | C] (Texas Instruments Inc.) -- C:\WINDOWS\System32\drivers\tiumflt.sys.bak
[2013.12.25 20:55:22 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2013.12.25 20:55:21 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2013.12.25 20:55:21 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2013.12.25 20:55:18 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2013.12.25 20:55:17 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2013.12.25 20:55:17 | 000,003,744 | ---- | C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smsens.sys.bak
[2013.12.25 20:55:16 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys.bak
[2013.12.25 20:55:16 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys.bak
[2013.12.25 20:55:16 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys.bak
[2013.12.25 20:55:15 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys.bak
[2013.12.25 20:55:15 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys.bak
[2013.12.25 20:55:12 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2013.12.25 20:55:11 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys.bak
[2013.12.25 20:55:11 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys.bak
[2013.12.25 20:55:11 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2013.12.25 20:55:11 | 000,020,992 | ---- | C] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys.bak
[2013.12.25 20:55:10 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys.bak
[2013.12.25 20:55:10 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2013.12.25 20:55:09 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2013.12.25 20:55:08 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys.bak
[2013.12.25 20:55:06 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2013.12.25 20:55:03 | 000,046,976 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\R8139n51.sys.bak
[2013.12.25 20:55:01 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2013.12.25 20:55:00 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2013.12.25 20:54:58 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2013.12.25 20:54:57 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2013.12.25 20:54:56 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2013.12.25 20:54:55 | 000,021,120 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv_agp.SYS.bak
[2013.12.25 20:54:52 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2013.12.25 20:54:39 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys.bak
[2013.12.25 20:54:38 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys.bak
[2013.12.25 20:54:38 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys.bak
[2013.12.25 20:54:37 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.bak
[2013.12.25 20:54:34 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys.bak
[2013.12.25 20:54:32 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2013.12.25 20:54:31 | 000,015,584 | ---- | C] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\mdc8021x.sys.bak
[2013.12.25 20:54:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2013.12.25 20:54:30 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2013.12.25 20:54:22 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2013.12.25 20:54:21 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2013.12.25 20:54:20 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2013.12.25 20:54:19 | 000,017,484 | ---- | C] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\frmupgr.sys.bak
[2013.12.25 20:54:17 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys.bak
[2013.12.25 20:54:17 | 000,005,220 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\drivers\eabusb.sys.bak
[2013.12.25 20:54:16 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2013.12.25 20:54:16 | 000,007,080 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\drivers\eabfiltr.sys.bak
[2013.12.25 20:54:16 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2013.12.25 20:54:15 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2013.12.25 20:54:15 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2013.12.25 20:54:14 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2013.12.25 20:54:13 | 000,011,776 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2013.12.25 20:54:12 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2013.12.25 20:54:09 | 000,262,528 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2013.12.25 20:54:05 | 000,052,888 | ---- | C] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\btwusb.sys.bak
[2013.12.25 20:54:04 | 000,222,876 | ---- | C] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\btslbcsp.sys.bak
[2013.12.25 20:54:03 | 001,258,138 | ---- | C] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\btkrnl.sys.bak
[2013.12.25 20:54:02 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys.bak
[2013.12.25 20:54:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys.bak
[2013.12.25 20:53:59 | 000,286,848 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS.bak
[2013.12.25 20:53:59 | 000,148,794 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcbthub.sys.bak
[2013.12.25 20:53:59 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys.bak
[2013.12.25 20:53:57 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2013.12.25 20:53:57 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2013.12.25 20:53:57 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2013.12.25 20:53:56 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys.bak
[2013.12.25 20:53:55 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys.bak
[2013.12.25 20:53:55 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys.bak
[2013.12.25 20:53:54 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys.bak
[2013.12.25 20:53:54 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys.bak
[2013.12.25 20:53:54 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys.bak
[2013.12.25 20:53:53 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys.bak
[2013.12.25 20:53:53 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys.bak
[2013.12.25 20:53:53 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys.bak
[2013.12.25 20:53:52 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys.bak
[2013.12.25 20:53:52 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys.bak
[2013.12.25 20:53:51 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.bak
[2013.12.25 20:53:51 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.bak
[2013.12.25 20:53:50 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.bak
[2013.12.25 20:53:50 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys.bak
[2013.12.25 20:53:50 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.bak
[2013.12.25 20:53:49 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys.bak
[2013.12.25 20:53:49 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.bak
[2013.12.25 20:53:48 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.bak
[2013.12.25 20:53:46 | 000,094,601 | ---- | C] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys.bak
[2013.12.25 20:53:44 | 001,205,292 | ---- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys.bak
[2013.12.25 20:53:40 | 000,053,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys.bak
[2013.12.25 20:50:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mama\Plocha\RK_Quarantine
[2013.12.25 17:59:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mama\Data aplikací\Malwarebytes
[2013.12.25 17:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.12.25 17:48:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mama\Plocha\CrystalDiskInfo5_0_0
[2013.12.25 16:55:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.25 15:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.25 15:12:19 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.25 14:46:19 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Mama\Recent
[2013.12.24 17:57:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mama\Nabídka Start\Programy\CCleaner
[2013.12.24 17:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.12.09 13:15:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mama\Data aplikací\AVAST Software
[2013.12.07 23:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Avast
[2013.12.07 23:12:32 | 000,035,656 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.12.07 23:12:23 | 000,070,384 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.11.27 12:50:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Mama\Local Settings\Data aplikací\PCHealth
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.12.25 21:52:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.25 21:47:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Mama\Plocha\OTL.exe
[2013.12.25 21:47:03 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.12.25 21:31:01 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.12.25 21:11:07 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys.bak
[2013.12.25 21:11:07 | 000,022,271 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys.bak
[2013.12.25 21:11:07 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2013.12.25 21:11:06 | 000,011,935 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys.bak
[2013.12.25 21:11:06 | 000,011,871 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys.bak
[2013.12.25 21:11:06 | 000,011,295 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys.bak
[2013.12.25 21:11:05 | 000,081,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2013.12.25 21:11:05 | 000,011,807 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys.bak
[2013.12.25 21:11:04 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2013.12.25 21:11:04 | 000,024,244 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\System32\drivers\viairda.sys.bak
[2013.12.25 21:11:03 | 000,144,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2013.12.25 21:11:03 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2013.12.25 21:11:03 | 000,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2013.12.25 21:11:02 | 000,025,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2013.12.25 21:11:02 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2013.12.25 21:11:02 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2013.12.25 21:11:01 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2013.12.25 21:11:01 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2013.12.25 21:11:00 | 000,042,092 | ---- | M] (Texas Instruments Inc.) -- C:\WINDOWS\System32\drivers\tiumfwl.sys.bak
[2013.12.25 21:11:00 | 000,008,448 | ---- | M] (Texas Instruments Inc.) -- C:\WINDOWS\System32\drivers\tiumflt.sys.bak
[2013.12.25 21:10:59 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2013.12.25 21:10:59 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2013.12.25 21:10:58 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2013.12.25 21:10:56 | 000,025,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2013.12.25 21:10:56 | 000,003,744 | ---- | M] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\smsens.sys.bak
[2013.12.25 21:10:55 | 000,404,990 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys.bak
[2013.12.25 21:10:55 | 000,129,535 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys.bak
[2013.12.25 21:10:55 | 000,095,424 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys.bak
[2013.12.25 21:10:55 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2013.12.25 21:10:55 | 000,013,240 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys.bak
[2013.12.25 21:10:55 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys.bak
[2013.12.25 21:10:53 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys.bak
[2013.12.25 21:10:53 | 000,096,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2013.12.25 21:10:53 | 000,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys.bak
[2013.12.25 21:10:53 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\drivers\rtl8139.sys.bak
[2013.12.25 21:10:52 | 000,203,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys.bak
[2013.12.25 21:10:52 | 000,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2013.12.25 21:10:52 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2013.12.25 21:10:52 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2013.12.25 21:10:51 | 000,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys.bak
[2013.12.25 21:10:50 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2013.12.25 21:10:49 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\R8139n51.sys.bak
[2013.12.25 21:10:48 | 000,146,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2013.12.25 21:10:47 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2013.12.25 21:10:46 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2013.12.25 21:10:46 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2013.12.25 21:10:46 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2013.12.25 21:10:45 | 000,021,120 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv_agp.SYS.bak
[2013.12.25 21:10:43 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2013.12.25 21:10:41 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys.bak
[2013.12.25 21:10:40 | 001,309,184 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys.bak
[2013.12.25 21:10:40 | 000,452,736 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys.bak
[2013.12.25 21:10:39 | 000,126,686 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.bak
[2013.12.25 21:10:36 | 000,015,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys.bak
[2013.12.25 21:10:34 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2013.12.25 21:10:34 | 000,015,584 | ---- | M] (Meetinghouse Data Communications) -- C:\WINDOWS\System32\drivers\mdc8021x.sys.bak
[2013.12.25 21:10:33 | 000,141,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2013.12.25 21:10:33 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2013.12.25 21:10:28 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2013.12.25 21:10:27 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2013.12.25 21:10:26 | 000,017,484 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\frmupgr.sys.bak
[2013.12.25 21:10:26 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2013.12.25 21:10:25 | 000,006,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys.bak
[2013.12.25 21:10:25 | 000,005,220 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\drivers\eabusb.sys.bak
[2013.12.25 21:10:24 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2013.12.25 21:10:24 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2013.12.25 21:10:24 | 000,007,080 | ---- | M] (Hewlett-Packard Company) -- C:\WINDOWS\System32\drivers\eabfiltr.sys.bak
[2013.12.25 21:10:24 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2013.12.25 21:10:23 | 000,060,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2013.12.25 21:10:23 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2013.12.25 21:10:22 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2013.12.25 21:10:22 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2013.12.25 21:10:21 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2013.12.25 21:10:20 | 000,222,876 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\btslbcsp.sys.bak
[2013.12.25 21:10:20 | 000,052,888 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\btwusb.sys.bak
[2013.12.25 21:10:19 | 001,258,138 | ---- | M] (WIDCOMM, Inc.) -- C:\WINDOWS\System32\drivers\btkrnl.sys.bak
[2013.12.25 21:10:19 | 000,022,183 | ---- | M] () -- C:\WINDOWS\System32\drivers\btserial.sys.bak
[2013.12.25 21:10:18 | 000,036,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys.bak
[2013.12.25 21:10:17 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys.bak
[2013.12.25 21:10:16 | 000,286,848 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS.bak
[2013.12.25 21:10:16 | 000,148,794 | ---- | M] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcbthub.sys.bak
[2013.12.25 21:10:16 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys.bak
[2013.12.25 21:10:15 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2013.12.25 21:10:15 | 000,073,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys.bak
[2013.12.25 21:10:15 | 000,063,488 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys.bak
[2013.12.25 21:10:15 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2013.12.25 21:10:15 | 000,031,744 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys.bak
[2013.12.25 21:10:15 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2013.12.25 21:10:15 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys.bak
[2013.12.25 21:10:14 | 000,701,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys.bak
[2013.12.25 21:10:14 | 000,104,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys.bak
[2013.12.25 21:10:14 | 000,057,856 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys.bak
[2013.12.25 21:10:14 | 000,052,224 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys.bak
[2013.12.25 21:10:14 | 000,028,672 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys.bak
[2013.12.25 21:10:14 | 000,014,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys.bak
[2013.12.25 21:10:14 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys.bak
[2013.12.25 21:10:13 | 000,036,463 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.bak
[2013.12.25 21:10:13 | 000,034,735 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.bak
[2013.12.25 21:10:13 | 000,029,455 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.bak
[2013.12.25 21:10:12 | 000,030,671 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys.bak
[2013.12.25 21:10:12 | 000,026,367 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys.bak
[2013.12.25 21:10:12 | 000,021,343 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.bak
[2013.12.25 21:10:12 | 000,012,047 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.bak
[2013.12.25 21:10:11 | 000,011,615 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.bak
[2013.12.25 21:10:10 | 000,094,601 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys.bak
[2013.12.25 21:10:08 | 001,205,292 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys.bak
[2013.12.25 21:10:06 | 000,053,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\1394bus.sys.bak
[2013.12.25 20:51:08 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.12.25 20:49:46 | 003,770,368 | ---- | M] () -- C:\Documents and Settings\Mama\Plocha\RogueKiller.exe
[2013.12.25 20:46:03 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.12.25 20:45:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.12.25 20:45:50 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.25 16:05:53 | 000,001,000 | ---- | M] () -- C:\Documents and Settings\Mama\Dokumenty\MailShield.der
[2013.12.25 15:11:51 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Mama\Plocha\RSIT.exe
[2013.12.25 14:55:44 | 000,000,104 | ---- | M] () -- C:\Documents and Settings\Mama\Plocha\E-mail.lnk
[2013.12.25 14:43:36 | 000,098,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.24 18:02:51 | 000,035,602 | ---- | M] () -- C:\Documents and Settings\Mama\Dokumenty\cc_20131224_180241.reg
[2013.12.24 17:57:19 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Mama\Plocha\CCleaner.lnk
[2013.12.24 17:24:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.12.13 23:52:47 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.12.13 23:52:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.12.07 23:36:51 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.12.07 23:23:05 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
[2013.12.07 23:21:27 | 000,403,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.12.07 23:21:27 | 000,178,304 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.12.07 23:21:27 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.12.07 23:21:27 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.12.07 23:21:26 | 000,774,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.12.07 23:21:26 | 000,070,384 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.12.07 23:21:26 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.12.07 23:21:26 | 000,035,656 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.12.07 23:21:25 | 000,269,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.12.07 23:21:25 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.12.07 23:12:23 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.12.07 23:00:29 | 000,441,880 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.12.07 23:00:28 | 000,438,492 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.12.07 23:00:28 | 000,083,172 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.12.07 23:00:28 | 000,071,816 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.11.30 16:42:44 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Mama\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.11.30 15:41:56 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.12.25 21:52:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.25 20:54:04 | 000,022,183 | ---- | C] () -- C:\WINDOWS\System32\drivers\btserial.sys.bak
[2013.12.25 20:49:41 | 003,770,368 | ---- | C] () -- C:\Documents and Settings\Mama\Plocha\RogueKiller.exe
[2013.12.25 16:05:53 | 000,001,000 | ---- | C] () -- C:\Documents and Settings\Mama\Dokumenty\MailShield.der
[2013.12.25 15:11:47 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Mama\Plocha\RSIT.exe
[2013.12.25 14:55:44 | 000,000,104 | ---- | C] () -- C:\Documents and Settings\Mama\Plocha\E-mail.lnk
[2013.12.24 18:02:46 | 000,035,602 | ---- | C] () -- C:\Documents and Settings\Mama\Dokumenty\cc_20131224_180241.reg
[2013.12.24 17:57:18 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Mama\Plocha\CCleaner.lnk
[2013.11.30 16:42:42 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Mama\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.11.04 15:56:06 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.05.16 21:48:42 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Mama\Local Settings\Data aplikací\fusioncache.dat
[2013.05.16 21:18:01 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.05.14 12:18:21 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.05.14 12:17:12 | 000,098,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.14 11:54:28 | 000,178,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.05.14 11:54:27 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.05.14 10:59:56 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2013.05.14 10:59:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2013.05.14 10:59:56 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2013.05.14 10:59:56 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE
[2013.05.14 10:55:09 | 000,000,166 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2013.05.14 10:53:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2013.05.14 10:40:51 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\msssc.dll
[2013.05.14 10:29:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.05.14 10:24:52 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2013.05.14 10:44:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2013.04.16 22:18:20 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.12.07 23:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.12.09 13:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\AVAST Software

========== Purity Check ==========



========== Custom Scans ==========

< >
[2013.05.14 10:25:20 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.05.14 10:27:30 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.05.14 11:54:26 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2013.05.14 11:54:37 | 000,000,932 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.14 11:54:38 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.05.14 21:12:45 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.05.14 21:19:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Adobe
[2013.12.09 13:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\AVAST Software
[2013.05.14 20:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Google
[2013.05.14 10:37:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Identities
[2013.05.14 21:11:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Macromedia
[2013.12.25 17:59:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Malwarebytes
[2013.06.22 21:05:48 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Mama\Data aplikací\Microsoft
[2013.11.24 19:44:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Skype
[2013.05.14 10:59:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Mama\Data aplikací\Sun

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2013.05.14 12:16:25 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.05.14 12:16:25 | 000,606,208 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.05.14 12:16:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.12.25 14:43:36 | 000,098,256 | ---- | M] () -- C:\WINDOWS\system32\FNTCACHE.DAT
[2013.12.25 14:21:48 | 088,123,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2013.12.25 14:28:35 | 000,019,306 | ---- | M] () -- C:\WINDOWS\system32\TZLog.log
[2013.12.24 17:24:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 07:52:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 07:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemRoot%\System32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.25 21:52:11 | 000,000,512 | ---- | M] () MD5=E77619C6B23CB4CD23F995A387D4147A -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.05.14 10:40:59 | 000,001,479 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\SoundMAX\DLS Loader.lnk
[2003.07.30 08:06:00 | 000,106,496 | ---- | M] () -- \Program Files\Analog Devices\SoundMAX\DLSLoader.exe
[2002.08.30 13:09:00 | 000,000,595 | ---- | M] () -- \Program Files\Analog Devices\SoundMAX\DLSLoader.exe.manifest
[2002.12.11 23:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2002.12.11 23:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 23:01:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 23:01:50 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 07:51:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2003.04.16 20:00:00 | 000,062,208 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2013.05.14 11:00:14 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.05.16 21:53:15 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC\System.Runtime.Serialization.Formatters.Soap\1.0.5000.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.12.07 22:58:52 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.11.30 17:06:11 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.12.07 23:19:43 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.11.30 17:59:50 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2004.07.15 13:31:54 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
[2003.04.07 18:24:52 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v1.1.4322\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\GAC38049\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.27 00:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2008.04.14 06:47:26 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2003.04.16 20:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2003.04.16 20:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2003.04.16 20:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2003.04.16 20:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2003.09.12 10:12:46 | 000,022,183 | ---- | M] () -- \WINDOWS\system32\drivers\btserial.sys
[2013.12.25 21:10:19 | 000,022,183 | ---- | M] () -- \WINDOWS\system32\drivers\btserial.sys.bak
[2008.04.14 06:51:10 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[2013.12.25 21:10:54 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys.bak

< *w7lxe* /s >

< End of report >


EXTRAS:
OTL Extras logfile created on: 25.12.2013 21:49:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Mama\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,98 Mb Total Physical Memory | 206,34 Mb Available Physical Memory | 40,38% Memory free
1,22 Gb Paging File | 0,89 Gb Available in Paging File | 72,85% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,66 Gb Total Space | 43,66 Gb Free Space | 78,44% Space Free | Partition Type: NTFS

Computer Name: MAMAM | User Name: Mama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1482476501-1336601894-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83216045FF}" = Java(TM) 6 Update 45
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{97355297-21C8-40CD-96D3-48E58037A9B8}" = TI1620/1520
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}" = Realtek RTL8139/810x Fast Ethernet NIC Driver Setup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC62001-AD9F-46DB-8668-9946154D6A07}" = AMD Athlon 64 Processor Driver
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 4.20 C4
"{E837279E-4C3F-411A-8E3D-0EFD97F818E3}" = Bluetooth by hp
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"avast" = avast! Free Antivirus
"Broadcom 802.11 Application" = Broadcom 802.11 Control Panel
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Driver
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"InstallShield_{97355297-21C8-40CD-96D3-48E58037A9B8}" = PCI 1620 Cardbus Controller and Software
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA nForce Drivers" = NVIDIA nForce Drivers
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 24.10.2013 2:13:47 | Computer Name = MAMAM | Source = WLTRYSVC | ID = 2
Description = SetServiceStatus() failed

Error - 24.11.2013 14:31:14 | Computer Name = MAMAM | Source = MsiInstaller | ID = 11500
Description = Product: Java 7 Update 45 -- Error 1500.Another installation is in
progress. You must complete that installation before continuing this one.

Error - 24.11.2013 14:31:16 | Computer Name = MAMAM | Source = MsiInstaller | ID = 11500
Description = Product: Java 7 Update 45 -- Error 1500.Another installation is in
progress. You must complete that installation before continuing this one.

Error - 24.11.2013 14:31:21 | Computer Name = MAMAM | Source = MsiInstaller | ID = 11500
Description = Product: Java 7 Update 45 -- Error 1500.Another installation is in
progress. You must complete that installation before continuing this one.

Error - 24.11.2013 14:49:00 | Computer Name = MAMAM | Source = MsiInstaller | ID = 11935
Description = Produkt: Microsoft .NET Framework 3.0 Service Pack 2 - Chyba 1935.
Při instalaci sestavení PresentationCore,fileVersion="3.0.6920.4050",culture="neutral",version="3.0.0.0",publicKeyToken="31bf3856ad364e35",processorArchitecture="X86"
došlo k chybě. Další informace najdete v Nápovědě a odborné pomoci. HRESULT: 0x80070020.
rozhraní sestavení: IAssemblyCacheItem, funkce: Commit, součást: {F04868FD-1403-4026-9960-2B819AF8CC5C}

Error - 24.11.2013 14:54:59 | Computer Name = MAMAM | Source = WLTRYSVC | ID = 2
Description = SetServiceStatus() failed

Error - 24.11.2013 14:56:29 | Computer Name = MAMAM | Source = MsiInstaller | ID = 1023
Description = Aktualizaci KB2832411 produktu Microsoft .NET Framework 3.0 Service
Pack 2 nebylo možné nainstalovat. Kód chyby: 1603. Další informace naleznete v
souboru protokolu .

Error - 24.11.2013 14:56:35 | Computer Name = MAMAM | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb2832411,
P2 1029, P3 1603, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
1935.

Error - 24.11.2013 15:06:33 | Computer Name = MAMAM | Source = HotFixInstaller | ID = 5000
Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168,
P2 1029, P3 1618, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10
0.

Error - 9.12.2013 10:58:13 | Computer Name = MAMAM | Source = WLTRYSVC | ID = 2
Description = SetServiceStatus() failed

[ System Events ]
Error - 25.12.2013 8:55:37 | Computer Name = MAMAM | Source = Dhcp | ID = 1000
Description = Zapůjčení adresy IP počítače 192.168.2.101 pro síťovou kartu se síťovou
adresou 00904B4F4BCB byla ukončena.

Error - 25.12.2013 9:43:49 | Computer Name = MAMAM | Source = sr | ID = 1
Description = Filtr nástroje Obnovení systému zjistil neočekávanou chybu 0xC0000001
při zpracování souboru na svazku HarddiskVolume1. Sledování svazku bylo ukončeno.


Error - 25.12.2013 12:01:08 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba Bluetooth Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 25.12.2013 12:01:08 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7031
Description = Služba Zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error - 25.12.2013 12:01:08 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba SoundMAX Agent Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 25.12.2013 12:01:08 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Driver Helper Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 25.12.2013 12:01:08 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba WLTRYSVC byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 25.12.2013 12:01:08 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba Adaptér výkonu služby WMI byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 25.12.2013 12:01:09 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 25.12.2013 12:01:09 | Computer Name = MAMAM | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.


< End of report >

Re: Mom - preventive check

Posted: 26 Dec 2013 09:20
by Márty84
If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the option to open normally.
Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands):

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
O3 - HKU\S-1-5-21-1482476501-1336601894-725345543-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=-

Click Run Fix and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Re: Mom - preventive check

Posted: 26 Dec 2013 12:32
by MEL4
Good day,

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 83327 bytes

User: Mama
->Temp folder emptied: 83984776 bytes
->Temporary Internet Files folder emptied: 540715 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 32694827 bytes
->Flash cache emptied: 742 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1119674 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 17319304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 432140408 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 199530 bytes
RecycleBin emptied: 26097996 bytes

Total Files Cleaned = 567,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: Mama
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1482476501-1336601894-725345543-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1482476501-1336601894-725345543-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP12E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP16B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP254.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP274.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP327.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3CC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3E6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP400.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4DC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E6.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C2.tmp\PresentationFramework.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C2.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI1BF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1CF.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1D1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1E8.tmp deleted successfully.
C:\WINDOWS\Installer\MSI2B.tmp deleted successfully.
C:\WINDOWS\Installer\MSI31E.tmp deleted successfully.
C:\WINDOWS\Installer\MSI4A1.tmp deleted successfully.
C:\WINDOWS\Installer\MSI58.tmp deleted successfully.
C:\WINDOWS\Installer\MSI86.tmp deleted successfully.
C:\WINDOWS\Installer\MSID.tmp deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12262013_122559

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...