Preventive check requested - older computer

Iveta2
Visitor
Posts: 21
Registered: 23 Oct 2013 15:44

Preventive check requested - older computer

#1 Post by Iveta2 »

Hello, I'd like to ask for a preventive check of our old computer. It has been here once before, but my sis gave up on it halfway through, so I don't know how much it helped. Apart from me running CCleaner on it whenever I get to it, nobody does anything with it. So I'm attaching the log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jaroslav at 2013-12-29 16:54:07
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (30%) free of 40 GB
Total RAM: 1023 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:54:27, on 29.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Jaroslav\Plocha\RSIT.exe
C:\Program Files\trend micro\Jaroslav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tn.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Windows Internet Explorer: TV Nova
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [exflashservice] "C:\Program Files\EPOX\EFS\EZ_FLASH_SERVICE.exe" "5000"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E83DD611-3449-48A0-9673-3BC22C055796}: NameServer = 160.218.161.60 160.218.167.5
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Jaroslav/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 7108 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default

prefs.js - "extensions.enabledItems" - "wrc@avast.com:20110101, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin.gif
icqplugin.src

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
"nwiz"=nwiz.exe /install []
"exflashservice"=C:\Program Files\EPOX\EFS\EZ_FLASH_SERVICE.exe [2006-05-02 408064]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
"SNPSTD2"=C:\WINDOWS\vsnpstd2.exe [2004-06-10 286720]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-04-15 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Documents and Settings\Jaroslav\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-12-12 16:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$

======List of files/folders modified in the last 1 month======

2013-12-29 16:54:26 ----D---- C:\Program Files\trend micro
2013-12-29 16:53:18 ----A---- C:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6501).txt
2013-12-29 16:35:20 ----D---- C:\Documents and Settings\Jaroslav\Data aplikací\Skype
2013-12-29 16:34:40 ----D---- C:\WINDOWS\Prefetch
2013-12-29 16:19:31 ----A---- C:\WINDOWS\wincmd.ini
2013-12-29 16:12:36 ----D---- C:\WINDOWS\Temp
2013-12-29 16:06:53 ----D---- C:\Program Files\Webteh
2013-12-29 15:58:26 ----D---- C:\WINDOWS\Debug
2013-12-29 15:58:26 ----D---- C:\WINDOWS
2013-12-29 15:58:20 ----D---- C:\Program Files\Mozilla Firefox
2013-12-29 15:40:58 ----HD---- C:\WINDOWS\inf
2013-12-29 15:36:17 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-29 15:36:10 ----A---- C:\WINDOWS\red_dialer.ini
2013-12-29 15:35:35 ----D---- C:\Documents and Settings\Jaroslav\Data aplikací\OpenOffice.org2
2013-12-28 19:44:00 ----N---- C:\WINDOWS\SchedLgU.Txt
2013-12-18 18:48:46 ----D---- C:\WINDOWS\Help
2013-12-18 18:43:52 ----A---- C:\WINDOWS\NeroDigital.ini
2013-12-13 15:10:00 ----D---- C:\WINDOWS\system32
2013-12-12 16:56:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-12 16:56:01 ----D---- C:\Program Files\Internet Explorer
2013-12-12 16:55:47 ----D---- C:\WINDOWS\ie8updates
2013-12-12 16:55:12 ----D---- C:\WINDOWS\system32\MRT
2013-12-12 16:52:23 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-11 17:04:57 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-06 14:42:38 ----SHD---- C:\WINDOWS\Installer
2013-12-06 14:42:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-06 14:42:23 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-18 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-05-30 29568]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-05-30 33792]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys []
R3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
R3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-06-17 83968]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-05-30 102656]
S3 a4urquqg;a4urquqg; C:\WINDOWS\system32\drivers\a4urquqg.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd2;VideoCAM Look; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-07-28 334080]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WINIO;WINIO; \??\C:\Program Files\MetaBench\winio.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-05-30 800768]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-17 119408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------
Thanks a lot for the help :-)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive check requested - older computer

#2 Post by Márty84 »

Hello :)

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Run it.
Click Scan and the program will start working.
When it finishes, it will spit out a log (if not, you will find it here: C:\AdwCleaner\AdwCleaner[R?].txt); copy it here for me.

Iveta2
Visitor
Posts: 21
Registered: 23 Oct 2013 15:44

Re: Preventive check requested - older computer

#3 Post by Iveta2 »

AdwCleaner finished crunching and spat out this:
# AdwCleaner v3.016 - Report created 29/12/2013 at 19:38:13
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jaroslav - IVCA
# Running from : C:\Documents and Settings\Jaroslav\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin.gif
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin.src
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-11.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-12.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-13.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-14.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-15.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-16.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-17.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-18.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-19.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-20.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-21.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-22.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-23.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-24.xml
File Found : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-25.xml
Folder Found C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\Smartbar
Folder Found C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\ValueApps

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Found : HKCU\Software\SmartBar
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\prefs.js ]

Line Found : user_pref("CT1750559.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT1750559.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM Dance\",\"description\":\"1.FM Dance\",\"url\":\"mms://dance.1.fm/energydance128k?MSWMExt=.asf\"}");
Line Found : user_pref("CT1750559.1000234.TWC_TMP_city", "PRAGUE");
Line Found : user_pref("CT1750559.1000234.TWC_TMP_country", "CZ");
Line Found : user_pref("CT1750559.1000234.TWC_country", "CZECH REPUBLIC");
Line Found : user_pref("CT1750559.1000234.TWC_locId", "USAR2579");
Line Found : user_pref("CT1750559.1000234.TWC_location", "Prague, AR");
Line Found : user_pref("CT1750559.1000234.TWC_region", "OT");
Line Found : user_pref("CT1750559.1000234.TWC_temp_dis", "c");
Line Found : user_pref("CT1750559.1000234.TWC_wind_dis", "kmh");
Line Found : user_pref("CT1750559.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.FirstTime", "true");
Line Found : user_pref("CT1750559.FirstTimeFF3", "true");
Line Found : user_pref("CT1750559.UserID", "UN19305726383158028");
Line Found : user_pref("CT1750559.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT1750559.appButtonDisablenull.enc", "MA==");
Line Found : user_pref("CT1750559.countryCode", "CZ");
Line Found : user_pref("CT1750559.embeddedsData", "[{\"appId\":\"128520273115419467\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT1750559.enableAlerts", "always");
Line Found : user_pref("CT1750559.firstTimeDialogOpened", "true");
Line Found : user_pref("CT1750559.fixPageNotFoundErrorByUser", "TRUE");
Line Found : user_pref("CT1750559.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT1750559.fullUserID", "UN19305726383158028.XP.211404");
Line Found : user_pref("CT1750559.installType", "DirectDownload");
Line Found : user_pref("CT1750559.isCheckedStartAsHidden", true);
Line Found : user_pref("CT1750559.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT1750559.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT1750559.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT1750559&octid=CT1750559&SearchSource=15&CUI=UN19305726383158028&SSPV=&Lay=1&UM=1\"}");
Line Found : user_pref("CT1750559.lastVersion", "10.22.5.510");
Line Found : user_pref("CT1750559.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Found : user_pref("CT1750559.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BSPlayerControlBar.OurToolbar.com/\",\[...]
Line Found : user_pref("CT1750559.revertSettingsEnabled", "false");
Line Found : user_pref("CT1750559.search.searchAppId", "128520273115419467");
Line Found : user_pref("CT1750559.search.searchCount", "0");
Line Found : user_pref("CT1750559.searchFromAddressBarEnabledByUser", "false");
Line Found : user_pref("CT1750559.searchInNewTabEnabledByUser", "false");
Line Found : user_pref("CT1750559.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT1750559.searchSuggestEnabledByUser", "false");
Line Found : user_pref("CT1750559.searchUserMode", "1");
Line Found : user_pref("CT1750559.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1750559\"}");
Line Found : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BSPlayerControlBar.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BS Player ControlBar \"}");
Line Found : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT1750559.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT1750559.serviceLayer_services_Configuration_lastUpdate", "1386690727942");
Line Found : user_pref("CT1750559.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1386007392296");
Line Found : user_pref("CT1750559.serviceLayer_services_appsMetadata_lastUpdate", "1386690725969");
Line Found : user_pref("CT1750559.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1386007390315");
Line Found : user_pref("CT1750559.serviceLayer_services_login_10.21.1.507_lastUpdate", "1383231110485");
Line Found : user_pref("CT1750559.serviceLayer_services_login_10.21.1.520_lastUpdate", "1383759552819");
Line Found : user_pref("CT1750559.serviceLayer_services_login_10.22.2.530_lastUpdate", "1384874467115");
Line Found : user_pref("CT1750559.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385215867982");
Line Found : user_pref("CT1750559.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386690720927");
Line Found : user_pref("CT1750559.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1386007391756");
Line Found : user_pref("CT1750559.serviceLayer_services_searchAPI_lastUpdate", "1386690726783");
Line Found : user_pref("CT1750559.serviceLayer_services_serviceMap_lastUpdate", "1386690718501");
Line Found : user_pref("CT1750559.serviceLayer_services_setupAPI_lastUpdate", "1383147909868");
Line Found : user_pref("CT1750559.serviceLayer_services_toolbarContextMenu_lastUpdate", "1386690721380");
Line Found : user_pref("CT1750559.serviceLayer_services_toolbarSettings_lastUpdate", "1386690725910");
Line Found : user_pref("CT1750559.serviceLayer_services_translation_lastUpdate", "1386690725285");
Line Found : user_pref("CT1750559.settingsINI", true);
Line Found : user_pref("CT1750559.showToolbarPermission", "false");
Line Found : user_pref("CT1750559.smartbar.CTID", "CT1750559");
Line Found : user_pref("CT1750559.smartbar.Uninstall", "0");
Line Found : user_pref("CT1750559.smartbar.toolbarName", "BS Player ControlBar ");
Line Found : user_pref("CT1750559.toolbarBornServerTime", "30-10-2013");
Line Found : user_pref("CT1750559.toolbarCurrentServerTime", "10-12-2013");
Line Found : user_pref("CT1750559.toolbarInstallDate", "30-10-2013 16:45:10");
Line Found : user_pref("CT1750559.toolbarLoginClientTime", "Wed Oct 30 2013 16:45:35 GMT+0100");
Line Found : user_pref("CT1750559.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Line Found : user_pref("CT1750559.userIdGenerationCounter", "1");
Line Found : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386770843857,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Found : user_pref("smartbar.machineId", "MSLT1TXE3DRMV86XBLTDQ3MU5VOAJEU/YTHVELMDOZSECNIHWPXMNKPEM3NFYTYRQK//AQMADNX3VGSWMWPDOA");
Line Found : user_pref("valueApps.CT1750559.mam_gk_currentVersion", "312E31322E302E35");
Line Found : user_pref("valueApps.CT1750559.mam_gk_currentVersion.storedInFile", false);
Line Found : user_pref("valueApps.CT1750559.mam_gk_globalKeysMigratedToLocalStorage", "31");
Line Found : user_pref("valueApps.CT1750559.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
Line Found : user_pref("valueApps.CT1750559.mam_gk_migrated_from_ls", "31");
Line Found : user_pref("valueApps.CT1750559.mam_gk_migrated_from_ls.storedInFile", false);

[ File : C:\Documents and Settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\8gbn7bgg.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [20067 octets] - [30/10/2013 16:36:32]
AdwCleaner[R1].txt - [12022 octets] - [29/12/2013 19:38:13]
AdwCleaner[S0].txt - [20423 octets] - [30/10/2013 16:40:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [12144 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check - older computer

#4 Post by Márty84 »

:arrow: Close all programs again and run AdwCleaner.
This time click Clean.
The program will start working (the PC may restart) and will spit out another log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy that one here for me again.


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it. After a moment the result will be displayed.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).


:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes has false detections.
If you have a question that is not meant for the public, you can write to me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Iveta2
Visitor
Posts: 21
Joined: 23 Oct 2013 15:44

Re: Requesting a preventive check - older computer

#5 Post by Iveta2 »

Log from AdwCleaner:
# AdwCleaner v3.016 - Report created 30/12/2013 at 11:21:45
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Jaroslav - IVCA
# Running from : C:\Documents and Settings\Jaroslav\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\Smartbar
Folder Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\ValueApps
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin.gif
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin.src
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-11.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-12.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-13.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-14.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-15.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-16.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-17.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-18.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-19.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-20.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-21.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-22.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-23.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-24.xml
File Deleted : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-25.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\prefs.js ]

Line Deleted : user_pref("CT1750559.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT1750559.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM Dance\",\"description\":\"1.FM Dance\",\"url\":\"mms://dance.1.fm/energydance128k?MSWMExt=.asf\"}");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_city", "PRAGUE");
Line Deleted : user_pref("CT1750559.1000234.TWC_TMP_country", "CZ");
Line Deleted : user_pref("CT1750559.1000234.TWC_country", "CZECH REPUBLIC");
Line Deleted : user_pref("CT1750559.1000234.TWC_locId", "USAR2579");
Line Deleted : user_pref("CT1750559.1000234.TWC_location", "Prague, AR");
Line Deleted : user_pref("CT1750559.1000234.TWC_region", "OT");
Line Deleted : user_pref("CT1750559.1000234.TWC_temp_dis", "c");
Line Deleted : user_pref("CT1750559.1000234.TWC_wind_dis", "kmh");
Line Deleted : user_pref("CT1750559.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.FirstTime", "true");
Line Deleted : user_pref("CT1750559.FirstTimeFF3", "true");
Line Deleted : user_pref("CT1750559.UserID", "UN19305726383158028");
Line Deleted : user_pref("CT1750559.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.appButtonDisablenull.enc", "MA==");
Line Deleted : user_pref("CT1750559.countryCode", "CZ");
Line Deleted : user_pref("CT1750559.embeddedsData", "[{\"appId\":\"128520273115419467\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT1750559.enableAlerts", "always");
Line Deleted : user_pref("CT1750559.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT1750559.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT1750559.fullUserID", "UN19305726383158028.XP.211404");
Line Deleted : user_pref("CT1750559.installType", "DirectDownload");
Line Deleted : user_pref("CT1750559.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT1750559.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT1750559.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT1750559.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT1750559&octid=CT1750559&SearchSource=15&CUI=UN19305726383158028&SSPV=&Lay=1&UM=1\"}");
Line Deleted : user_pref("CT1750559.lastVersion", "10.22.5.510");
Line Deleted : user_pref("CT1750559.mam_gk_installer_preapproved.enc", "RkFMU0U=");
Line Deleted : user_pref("CT1750559.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BSPlayerControlBar.OurToolbar.com/\",\[...]
Line Deleted : user_pref("CT1750559.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT1750559.search.searchAppId", "128520273115419467");
Line Deleted : user_pref("CT1750559.search.searchCount", "0");
Line Deleted : user_pref("CT1750559.searchFromAddressBarEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT1750559.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT1750559.searchUserMode", "1");
Line Deleted : user_pref("CT1750559.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT1750559\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BSPlayerControlBar.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BS Player ControlBar \"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT1750559.serviceLayer_services_Configuration_lastUpdate", "1386690727942");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1386007392296");
Line Deleted : user_pref("CT1750559.serviceLayer_services_appsMetadata_lastUpdate", "1386690725969");
Line Deleted : user_pref("CT1750559.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1386007390315");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.21.1.507_lastUpdate", "1383231110485");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.21.1.520_lastUpdate", "1383759552819");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.22.2.530_lastUpdate", "1384874467115");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385215867982");
Line Deleted : user_pref("CT1750559.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386690720927");
Line Deleted : user_pref("CT1750559.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1386007391756");
Line Deleted : user_pref("CT1750559.serviceLayer_services_searchAPI_lastUpdate", "1386690726783");
Line Deleted : user_pref("CT1750559.serviceLayer_services_serviceMap_lastUpdate", "1386690718501");
Line Deleted : user_pref("CT1750559.serviceLayer_services_setupAPI_lastUpdate", "1383147909868");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarContextMenu_lastUpdate", "1386690721380");
Line Deleted : user_pref("CT1750559.serviceLayer_services_toolbarSettings_lastUpdate", "1386690725910");
Line Deleted : user_pref("CT1750559.serviceLayer_services_translation_lastUpdate", "1386690725285");
Line Deleted : user_pref("CT1750559.settingsINI", true);
Line Deleted : user_pref("CT1750559.showToolbarPermission", "false");
Line Deleted : user_pref("CT1750559.smartbar.CTID", "CT1750559");
Line Deleted : user_pref("CT1750559.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT1750559.smartbar.toolbarName", "BS Player ControlBar ");
Line Deleted : user_pref("CT1750559.toolbarBornServerTime", "30-10-2013");
Line Deleted : user_pref("CT1750559.toolbarCurrentServerTime", "10-12-2013");
Line Deleted : user_pref("CT1750559.toolbarInstallDate", "30-10-2013 16:45:10");
Line Deleted : user_pref("CT1750559.toolbarLoginClientTime", "Wed Oct 30 2013 16:45:35 GMT+0100");
Line Deleted : user_pref("CT1750559.twitter_v1.8.0_twitter_app_open_t_f.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT1750559.userIdGenerationCounter", "1");
Line Deleted : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1386770843857,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
Line Deleted : user_pref("smartbar.machineId", "MSLT1TXE3DRMV86XBLTDQ3MU5VOAJEU/YTHVELMDOZSECNIHWPXMNKPEM3NFYTYRQK//AQMADNX3VGSWMWPDOA");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_currentVersion", "312E31322E302E35");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_currentVersion.storedInFile", false);
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_globalKeysMigratedToLocalStorage", "31");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false);
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_migrated_from_ls", "31");
Line Deleted : user_pref("valueApps.CT1750559.mam_gk_migrated_from_ls.storedInFile", false);

[ File : C:\Documents and Settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\8gbn7bgg.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [20067 octets] - [30/10/2013 16:36:32]
AdwCleaner[R2].txt - [12225 octets] - [30/12/2013 11:20:20]
AdwCleaner[S0].txt - [20423 octets] - [30/10/2013 16:40:45]
AdwCleaner[S1].txt - [12369 octets] - [30/12/2013 11:21:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12430 octets] ##########



What Crystal Disk spat out:
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows XP Home Edition SP3 [5.1 Build 2600] (x86)
Date : 2013/12/30 11:39:02

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- WDC WD1600JB-00REA0
+ Sekundární kanál IDE (1)
- LITE-ON DVD D LH-16D1P
- LITE-ON DVDRW LH-20A1P
- NVIDIA nForce4 Serial ATA Controller [ATA]
- NVIDIA nForce4 Serial ATA Controller [ATA]
+ SCSI/RAID Host Controller [SCSI]
- HI5010Q FIS614D SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD1600JB-00REA0 : 160,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD1600JB-00REA0
----------------------------------------------------------------------------
Model : WDC WD1600JB-00REA0
Firmware : 20.00K20
Serial Number : WD-WCANMF728034
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 1
# of Sectors : 312581808
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : Ultra DMA/100
Power On Hours : 7844 hod.
Power On Count : 2990 krát
Temparature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA
APM Level : ----
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 185 183 _21 000000000E95 Čas na roztočení ploten
04 _97 _97 __0 000000000CF4 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _90 _90 __0 000000001EA4 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000BAE Počet cyklů zapnutí zařízení
C2 119 _85 __0 00000000001C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů




MBAM results:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.31.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jaroslav :: IVCA [administrátor]

Ochrana: Povolena

1.1.2014 19:10:49
MBAM-log-2014-01-01 (20-26-41).txt

Typ: Kompletní kontrola (C:\|H:\|I:\|J:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 378367
Uplynulý čas: 58 minut, 43 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 10
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jaroslav\Local Settings\Temp\CT1750559\ctbe.exe.vir (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jaroslav\Local Settings\Temp\CT1750559\ffLogic.exe.vir (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Documents and Settings\Jaroslav\Local Settings\Temp\CT1750559\statisticsStub.exe.vir (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Nebyla provedena žádná instrukce.
C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.
C:\Program Files\DAEMON Tools\SetupDTSB.exe (Adware.WhenU) -> Nebyla provedena žádná instrukce.
C:\Program Files\IDM Computer Solutions\UltraEdit\ue32ctmn.bmp (Extension.Mismatch) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{1A68451E-776C-4106-A339-98642F108187}\RP558\A0188114.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
H:\Hry\StressRelief.EXE (Joke.Stressreducer) -> Nebyla provedena žádná instrukce.
I:\BLBINKy\Blbinky-games\StressRelief.EXE (Joke.Stressreducer) -> Nebyla provedena žádná instrukce.

(konec)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check - older computer

#6 Post by Márty84 »

:arrow: I will leave these two items up to you; if you know them, you can keep them:
H:\Hry\StressRelief.EXE (Joke.Stressreducer) -> Nebyla provedena žádná instrukce.
I:\BLBINKy\Blbinky-games\StressRelief.EXE (Joke.Stressreducer) -> Nebyla provedena žádná instrukce.

:arrow: Have the rest of the findings removed, then uninstall MBAM.

:arrow: Since the vermin is in the restore points as well, delete them http://forum.viry.cz/viewtopic.php?f=46&t=47040


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Otevrit normalne (Open normally).
:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , save it to the desktop and run it.
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Zprava (Report) and a log will appear. Paste it here for me.

Iveta2
Visitor
Posts: 21
Joined: 23 Oct 2013 15:44

Re: Requesting a preventive check - older computer

#7 Post by Iveta2 »

I hope I have exterminated all the vermin, and this is what RogueKiller reported:
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jaroslav [Práva správce]
Mód : Kontrola -- Datum : 01/03/2014 15:02:12
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{E83DD611-3449-48A0-9673-3BC22C055796} : NameServer (160.218.161.60 160.218.167.5 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[DNS][PUM] HKLM\[...]\CS001\[...]\{E83DD611-3449-48A0-9673-3BC22C055796} : NameServer (160.218.161.60 160.218.167.5 [EUROPEAN UNION (EU) - EUROPEAN UNION (EU)]) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 2 ¤¤¤
[All Users][SUSP UNIC] Microsoft Office.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk [-] -> NALEZENO
[Jaroslav][SUSP UNIC] OpenOffice.org 2.2.lnk : C:\Documents and Settings\Jaroslav\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.2.lnk [-] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600JB-00REA0 +++++
--- User ---
[MBR] ca64bcc085d4dfcd590cf54c993ba891
[BSP] 52cde6e95ca6b4d3498e1aa6222aed1e : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 81915435 | Size: 112627 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) ADATA USB Flash Drive USB Device +++++
--- User ---
[MBR] 1d07f21d8a44b377b69dd908aeaafae0
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 48 | Size: 14967 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_01032014_150212.txt >>

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check - older computer

#8 Post by Márty84 »

I hope so too :arcisit: But even if not, I will kill it at the end, when I delete with a script :wink:


:arrow: Run RogueKiller again (if you have not closed it yet, click Smazat (Delete) right away).
A very short test will run and then the Prohledat (Scan) button at the top right will become available. Click it and another test will run.
When it finishes, click Smazat (Delete).
Then click Zprava (Report) and a log will appear. Paste it here for me.
Then click Oprava Host (Fix Hosts) and Zprava (Report).
Another log will appear. Paste that one here for me as well.

Iveta2
Visitor
Posts: 21
Joined: 23 Oct 2013 15:44

Re: Requesting a preventive check - older computer

#9 Post by Iveta2 »

1st report from RogueKiller:
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jaroslav [Práva správce]
Mód : Odebrat -- Datum : 01/03/2014 19:41:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 2 ¤¤¤
[All Users][SUSP UNIC] Microsoft Office.lnk : C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk [-] -> VYMAZÁNO
[Jaroslav][SUSP UNIC] OpenOffice.org 2.2.lnk : C:\Documents and Settings\Jaroslav\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.2.lnk [-] -> VYMAZÁNO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1600JB-00REA0 +++++
--- User ---
[MBR] ca64bcc085d4dfcd590cf54c993ba891
[BSP] 52cde6e95ca6b4d3498e1aa6222aed1e : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 81915435 | Size: 112627 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) ADATA USB Flash Drive USB Device +++++
--- User ---
[MBR] 1d07f21d8a44b377b69dd908aeaafae0
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 48 | Size: 14967 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_D_01032014_194154.txt >>
RKreport[0]_S_01032014_150212.txt;RKreport[0]_S_01032014_194147.txt



and the 2nd report
RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Jaroslav [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/03/2014 19:43:11
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0xc0000033] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_01032014_194311.txt >>
RKreport[0]_D_01032014_194154.txt;RKreport[0]_S_01032014_150212.txt;RKreport[0]_S_01032014_194147.txt

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check - older computer

#10 Post by Márty84 »

Post a new RSIT log

Iveta2
Visitor
Posts: 21
Registered: 23 Oct 2013 15:44

Re: Requesting a preventive check - older computer

#11 Post by Iveta2 »

New RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jaroslav at 2014-01-05 20:04:04
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 15 GB (38%) free of 40 GB
Total RAM: 1023 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:28, on 5.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jaroslav\Plocha\RSIT.exe
C:\Program Files\trend micro\Jaroslav.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tn.cz
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Windows Internet Explorer: TV Nova
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [exflashservice] "C:\Program Files\EPOX\EFS\EZ_FLASH_SERVICE.exe" "5000"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E83DD611-3449-48A0-9673-3BC22C055796}: NameServer = 160.218.161.60 160.218.167.5
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Jaroslav/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg

--
End of file - 6880 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.cz/"
prefs.js - "extensions.enabledItems" - "wrc@avast.com:20110101, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"
prefs.js - "keyword.URL" - "http://search.tb.ask.com/search/GGmain. ... searchfor="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll

C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\extensions\
89ffxtbr@SafePCRepair_89.com

C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\
ask-web-search.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
"nwiz"=nwiz.exe /install []
"exflashservice"=C:\Program Files\EPOX\EFS\EZ_FLASH_SERVICE.exe [2006-05-02 408064]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
"SNPSTD2"=C:\WINDOWS\vsnpstd2.exe [2004-06-10 286720]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-04-15 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.MP42"=mpg4c32.dll
"VIDC.MPG4"=mpg4c32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\WudfRd.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\WudfPf.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\ws2ifsl.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\wpdusb.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\wmilib.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys.bak
2014-01-03 15:02:06 ----A---- C:\WINDOWS\system32\drivers\watv10nt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\watv06nt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\wadv11nt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\wadv09nt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\wadv08nt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\wadv07nt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\wacompen.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys.bak
2014-01-03 15:02:05 ----A---- C:\WINDOWS\system32\drivers\viaagp.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\vga.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\vdmindvd.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbport.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbintel.sys.bak
2014-01-03 15:02:04 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usbd.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usbcamd2.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usbcamd.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usbaudio.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usb8023x.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys.bak
2014-01-03 15:02:03 ----A---- C:\WINDOWS\system32\drivers\update.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\udfs.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\uagp35.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\tunmp.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\tsbvcap.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\tosdvd.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\termdd.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys.bak
2014-01-03 15:02:02 ----A---- C:\WINDOWS\system32\drivers\tdi.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\tape.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\swenum.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\streamip.sys.bak
2014-01-03 15:02:01 ----A---- C:\WINDOWS\system32\drivers\stream.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\srv.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\sr.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\sptd.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\splitter.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\sonydcam.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\snpstd2.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\smclib.sys.bak
2014-01-03 15:02:00 ----A---- C:\WINDOWS\system32\drivers\smbali.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\slwdmsup.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\slnthal.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\slntamr.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\slnt7554.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\slip.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\sisagp.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\sffp_sd.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\sffp_mmc.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\sffdisk.sys.bak
2014-01-03 15:01:59 ----A---- C:\WINDOWS\system32\drivers\serial.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\serenum.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\secdrv.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\scsiport.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\s3gnbm.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\Rtenicxp.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\rootmdm.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\rndismpx.sys.bak
2014-01-03 15:01:58 ----A---- C:\WINDOWS\system32\drivers\rndismp.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\riodrv.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\rio8drv.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\rfcomm.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\redbook.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\recagent.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys.bak
2014-01-03 15:01:57 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys.bak
2014-01-03 15:01:56 ----A---- C:\WINDOWS\system32\drivers\rdpcdd.sys.bak
2014-01-03 15:01:56 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys.bak
2014-01-03 15:01:56 ----A---- C:\WINDOWS\system32\drivers\rawwan.sys.bak
2014-01-03 15:01:56 ----A---- C:\WINDOWS\system32\drivers\raspti.sys.bak
2014-01-03 15:01:56 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys.bak
2014-01-03 15:01:56 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\rasl2tp.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\rasacd.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\ptilink.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\psched.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\processr.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\PQNTDRV.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\portcls.sys.bak
2014-01-03 15:01:55 ----A---- C:\WINDOWS\system32\drivers\pcmcia.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\pciide.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\pci.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\parvdm.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\parport.sys.bak
2014-01-03 15:01:54 ----A---- C:\WINDOWS\system32\drivers\p3.sys.bak
2014-01-03 15:01:53 ----A---- C:\WINDOWS\system32\drivers\oprghdlr.sys.bak
2014-01-03 15:01:53 ----A---- C:\WINDOWS\system32\drivers\nwlnkspx.sys.bak
2014-01-03 15:01:53 ----A---- C:\WINDOWS\system32\drivers\nwlnknb.sys.bak
2014-01-03 15:01:53 ----A---- C:\WINDOWS\system32\drivers\nwlnkipx.sys.bak
2014-01-03 15:01:52 ----A---- C:\WINDOWS\system32\drivers\nwlnkfwd.sys.bak
2014-01-03 15:01:52 ----A---- C:\WINDOWS\system32\drivers\nwlnkflt.sys.bak
2014-01-03 15:01:52 ----A---- C:\WINDOWS\system32\drivers\nvata.sys.bak
2014-01-03 15:01:51 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys.bak
2014-01-03 15:01:51 ----A---- C:\WINDOWS\system32\drivers\null.sys.bak
2014-01-03 15:01:51 ----A---- C:\WINDOWS\system32\drivers\ntmtlfax.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\npfs.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\nmnt.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\nikedrv.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\nic1394.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\netbt.sys.bak
2014-01-03 15:01:50 ----A---- C:\WINDOWS\system32\drivers\netbios.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\ndproxy.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\ndiswan.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\ndisuio.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\ndistapi.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\ndis.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys.bak
2014-01-03 15:01:49 ----A---- C:\WINDOWS\system32\drivers\mutohpen.sys.bak
2014-01-03 15:01:48 ----A---- C:\WINDOWS\system32\drivers\mup.sys.bak
2014-01-03 15:01:48 ----A---- C:\WINDOWS\system32\drivers\mtxparhm.sys.bak
2014-01-03 15:01:48 ----A---- C:\WINDOWS\system32\drivers\mtlstrm.sys.bak
2014-01-03 15:01:48 ----A---- C:\WINDOWS\system32\drivers\mtlmnt5.sys.bak
2014-01-03 15:01:47 ----A---- C:\WINDOWS\system32\drivers\mstee.sys.bak
2014-01-03 15:01:47 ----A---- C:\WINDOWS\system32\drivers\mssmbios.sys.bak
2014-01-03 15:01:47 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys.bak
2014-01-03 15:01:47 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys.bak
2014-01-03 15:01:46 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys.bak
2014-01-03 15:01:46 ----A---- C:\WINDOWS\system32\drivers\msgpc.sys.bak
2014-01-03 15:01:46 ----A---- C:\WINDOWS\system32\drivers\msfs.sys.bak
2014-01-03 15:01:46 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys.bak
2014-01-03 15:01:46 ----A---- C:\WINDOWS\system32\drivers\mrxdav.sys.bak
2014-01-03 15:01:46 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys.bak
2014-01-03 15:01:45 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys.bak
2014-01-03 15:01:45 ----A---- C:\WINDOWS\system32\drivers\modem.sys.bak
2014-01-03 15:01:45 ----A---- C:\WINDOWS\system32\drivers\mnmdd.sys.bak
2014-01-03 15:01:45 ----A---- C:\WINDOWS\system32\drivers\mf.sys.bak
2014-01-03 15:01:45 ----A---- C:\WINDOWS\system32\drivers\mdmxsdk.sys.bak
2014-01-03 15:01:45 ----A---- C:\WINDOWS\system32\drivers\mcd.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\ks.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\irenum.sys.bak
2014-01-03 15:01:44 ----A---- C:\WINDOWS\system32\drivers\ipsec.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\ipnat.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\ipinip.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\ipfltdrv.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\InCDRm.sys.bak
2014-01-03 15:01:43 ----A---- C:\WINDOWS\system32\drivers\InCDrec.sys.bak
2014-01-03 15:01:42 ----A---- C:\WINDOWS\system32\drivers\InCDPass.sys.bak
2014-01-03 15:01:42 ----A---- C:\WINDOWS\system32\drivers\InCDfs.sys.bak
2014-01-03 15:01:42 ----A---- C:\WINDOWS\system32\drivers\imapi.sys.bak
2014-01-03 15:01:42 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys.bak
2014-01-03 15:01:42 ----A---- C:\WINDOWS\system32\drivers\http.sys.bak
2014-01-03 15:01:41 ----A---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys.bak
2014-01-03 15:01:41 ----A---- C:\WINDOWS\system32\drivers\hsfcxts2.sys.bak
2014-01-03 15:01:41 ----A---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys.bak
2014-01-03 15:01:41 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys.bak
2014-01-03 15:01:41 ----A---- C:\WINDOWS\system32\drivers\hidir.sys.bak
2014-01-03 15:01:40 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys.bak
2014-01-03 15:01:40 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys.bak
2014-01-03 15:01:40 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys.bak
2014-01-03 15:01:40 ----A---- C:\WINDOWS\system32\drivers\gagp30kx.sys.bak
2014-01-03 15:01:40 ----A---- C:\WINDOWS\system32\drivers\ftdisk.sys.bak
2014-01-03 15:01:40 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys.bak
2014-01-03 15:01:39 ----A---- C:\WINDOWS\system32\drivers\fsvga.sys.bak
2014-01-03 15:01:39 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys.bak
2014-01-03 15:01:39 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys.bak
2014-01-03 15:01:39 ----A---- C:\WINDOWS\system32\drivers\fips.sys.bak
2014-01-03 15:01:39 ----A---- C:\WINDOWS\system32\drivers\fdc.sys.bak
2014-01-03 15:01:39 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys.bak
2014-01-03 15:01:38 ----A---- C:\WINDOWS\system32\drivers\EIO.sys.bak
2014-01-03 15:01:38 ----A---- C:\WINDOWS\system32\drivers\dxgthk.sys.bak
2014-01-03 15:01:38 ----A---- C:\WINDOWS\system32\drivers\dxg.sys.bak
2014-01-03 15:01:38 ----A---- C:\WINDOWS\system32\drivers\dxapi.sys.bak
2014-01-03 15:01:37 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys.bak
2014-01-03 15:01:37 ----A---- C:\WINDOWS\system32\drivers\drmk.sys.bak
2014-01-03 15:01:37 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys.bak
2014-01-03 15:01:37 ----A---- C:\WINDOWS\system32\drivers\dmload.sys.bak
2014-01-03 15:01:37 ----A---- C:\WINDOWS\system32\drivers\dmio.sys.bak
2014-01-03 15:01:35 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys.bak
2014-01-03 15:01:35 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys.bak
2014-01-03 15:01:34 ----A---- C:\WINDOWS\system32\drivers\disk.sys.bak
2014-01-03 15:01:34 ----A---- C:\WINDOWS\system32\drivers\crusoe.sys.bak
2014-01-03 15:01:33 ----A---- C:\WINDOWS\system32\drivers\cpqdap01.sys.bak
2014-01-03 15:01:33 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys.bak
2014-01-03 15:01:33 ----A---- C:\WINDOWS\system32\drivers\cinemst2.sys.bak
2014-01-03 15:01:32 ----A---- C:\WINDOWS\system32\drivers\cdrom.sys.bak
2014-01-03 15:01:27 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys.bak
2014-01-03 15:01:27 ----A---- C:\WINDOWS\system32\drivers\cdaudio.sys.bak
2014-01-03 15:01:26 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys.bak
2014-01-03 15:01:26 ----A---- C:\WINDOWS\system32\drivers\cbidf2k.sys.bak
2014-01-03 15:01:26 ----A---- C:\WINDOWS\system32\drivers\bthusb.sys.bak
2014-01-03 15:01:26 ----A---- C:\WINDOWS\system32\drivers\bthprint.sys.bak
2014-01-03 15:01:25 ----A---- C:\WINDOWS\system32\drivers\bthport.sys.bak
2014-01-03 15:01:25 ----A---- C:\WINDOWS\system32\drivers\bthpan.sys.bak
2014-01-03 15:01:25 ----A---- C:\WINDOWS\system32\drivers\bthmodem.sys.bak
2014-01-03 15:01:25 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys.bak
2014-01-03 15:01:25 ----A---- C:\WINDOWS\system32\drivers\bridge.sys.bak
2014-01-03 15:01:24 ----A---- C:\WINDOWS\system32\drivers\Bravo_n.sys.bak
2014-01-03 15:01:24 ----A---- C:\WINDOWS\system32\drivers\Bravo_a.sys.bak
2014-01-03 15:01:24 ----A---- C:\WINDOWS\system32\drivers\beep.sys.bak
2014-01-03 15:01:24 ----A---- C:\WINDOWS\system32\drivers\audstub.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atmuni.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atmepvc.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atkkbnt.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atinxsxx.sys.bak
2014-01-03 15:01:23 ----A---- C:\WINDOWS\system32\drivers\atinxbxx.sys.bak
2014-01-03 15:01:22 ----A---- C:\WINDOWS\system32\drivers\atintuxx.sys.bak
2014-01-03 15:01:22 ----A---- C:\WINDOWS\system32\drivers\atinttxx.sys.bak
2014-01-03 15:01:22 ----A---- C:\WINDOWS\system32\drivers\atinsnxx.sys.bak
2014-01-03 15:01:22 ----A---- C:\WINDOWS\system32\drivers\atinrvxx.sys.bak
2014-01-03 15:01:22 ----A---- C:\WINDOWS\system32\drivers\atinraxx.sys.bak
2014-01-03 15:01:21 ----A---- C:\WINDOWS\system32\drivers\atinpdxx.sys.bak
2014-01-03 15:01:21 ----A---- C:\WINDOWS\system32\drivers\atinmdxx.sys.bak
2014-01-03 15:01:21 ----A---- C:\WINDOWS\system32\drivers\atinbtxx.sys.bak
2014-01-03 15:01:21 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati2mtaa.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati1xsxx.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati1xbxx.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati1tuxx.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati1ttxx.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati1snxx.sys.bak
2014-01-03 15:01:20 ----A---- C:\WINDOWS\system32\drivers\ati1rvxx.sys.bak
2014-01-03 15:01:19 ----A---- C:\WINDOWS\system32\drivers\ati1raxx.sys.bak
2014-01-03 15:01:19 ----A---- C:\WINDOWS\system32\drivers\ati1pdxx.sys.bak
2014-01-03 15:01:19 ----A---- C:\WINDOWS\system32\drivers\ati1mdxx.sys.bak
2014-01-03 15:01:19 ----A---- C:\WINDOWS\system32\drivers\ati1btxx.sys.bak
2014-01-03 15:01:18 ----A---- C:\WINDOWS\system32\drivers\atapi.sys.bak
2014-01-03 15:01:18 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys.bak
2014-01-03 15:01:18 ----A---- C:\WINDOWS\system32\drivers\ASPI32.sys.bak
2014-01-03 15:01:18 ----A---- C:\WINDOWS\system32\drivers\arp1394.sys.bak
2014-01-03 15:01:18 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys.bak
2014-01-03 15:01:18 ----A---- C:\WINDOWS\system32\drivers\amdk7.sys.bak
2014-01-03 15:01:17 ----A---- C:\WINDOWS\system32\drivers\amdk6.sys.bak
2014-01-03 15:01:17 ----A---- C:\WINDOWS\system32\drivers\amdagp.sys.bak
2014-01-03 15:01:17 ----A---- C:\WINDOWS\system32\drivers\alim1541.sys.bak
2014-01-03 15:01:17 ----A---- C:\WINDOWS\system32\drivers\agpcpq.sys.bak
2014-01-03 15:01:17 ----A---- C:\WINDOWS\system32\drivers\agp440.sys.bak
2014-01-03 15:01:17 ----A---- C:\WINDOWS\system32\drivers\afd.sys.bak
2014-01-03 15:01:16 ----A---- C:\WINDOWS\system32\drivers\aec.sys.bak
2014-01-03 15:01:16 ----A---- C:\WINDOWS\system32\drivers\adusbser65.sys.bak
2014-01-03 15:01:16 ----A---- C:\WINDOWS\system32\drivers\adusbmdm65.sys.bak
2014-01-03 15:01:16 ----A---- C:\WINDOWS\system32\drivers\acpiec.sys.bak
2014-01-03 15:01:15 ----A---- C:\WINDOWS\system32\drivers\acpi.sys.bak
2013-12-30 11:53:59 ----D---- C:\Documents and Settings\Jaroslav\Data aplikací\Malwarebytes
2013-12-30 11:53:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-12-29 15:57:14 ----D---- C:\Program Files\Mozilla Firefox
2013-12-12 16:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 16:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 16:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 16:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 16:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$

======List of files/folders modified in the last 1 month======

2014-01-05 20:04:25 ----D---- C:\Program Files\trend micro
2014-01-05 20:03:45 ----A---- C:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6501).txt
2014-01-05 20:02:02 ----D---- C:\WINDOWS\Temp
2014-01-05 20:01:39 ----D---- C:\Documents and Settings\Jaroslav\Data aplikací\Skype
2014-01-05 20:01:11 ----A---- C:\WINDOWS\red_dialer.ini
2014-01-05 16:08:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-05 16:08:15 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-03 20:19:52 ----D---- C:\Documents and Settings\Jaroslav\Data aplikací\OpenOffice.org2
2014-01-03 19:44:23 ----D---- C:\WINDOWS\system32
2014-01-03 19:41:41 ----D---- C:\WINDOWS\system32\drivers
2014-01-03 14:52:45 ----SHD---- C:\System Volume Information
2014-01-03 14:52:45 ----D---- C:\WINDOWS\system32\Restore
2014-01-02 20:23:24 ----RD---- C:\Program Files
2014-01-02 20:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2014-01-02 20:17:33 ----D---- C:\Program Files\DaemonTools_WhenUSave_Installer
2014-01-02 20:17:33 ----D---- C:\Program Files\DAEMON Tools
2014-01-02 19:19:52 ----A---- C:\WINDOWS\wincmd.ini
2014-01-02 11:21:49 ----D---- C:\WINDOWS\Prefetch
2013-12-30 16:11:46 ----D---- C:\WINDOWS
2013-12-30 11:22:06 ----D---- C:\AdwCleaner
2013-12-29 19:30:04 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-29 16:06:53 ----D---- C:\Program Files\Webteh
2013-12-29 15:58:26 ----D---- C:\WINDOWS\Debug
2013-12-29 15:40:58 ----HD---- C:\WINDOWS\inf
2013-12-18 18:48:46 ----D---- C:\WINDOWS\Help
2013-12-18 18:43:52 ----A---- C:\WINDOWS\NeroDigital.ini
2013-12-12 16:56:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-12 16:56:01 ----D---- C:\Program Files\Internet Explorer
2013-12-12 16:55:47 ----D---- C:\WINDOWS\ie8updates
2013-12-12 16:55:12 ----D---- C:\WINDOWS\system32\MRT
2013-12-12 16:52:23 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-11 17:04:57 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-06 14:42:38 ----SHD---- C:\WINDOWS\Installer
2013-12-06 14:42:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-12-06 14:42:23 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-06-18 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-05-30 29568]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-05-30 33792]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2004-05-05 4228]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys []
R3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
R3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-06-17 83968]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2006-05-30 102656]
S3 ae6umkub;ae6umkub; C:\WINDOWS\system32\drivers\ae6umkub.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 snpstd2;VideoCAM Look; C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-07-28 334080]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TrueSight;TrueSight; \??\ []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 WINIO;WINIO; \??\C:\Program Files\MetaBench\winio.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2006-05-30 800768]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-02 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-29 119408]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a preventive check - older computer

#12 Post by Márty84 »

One more scan and then we'll start deleting.


:!: If Avast complains that it wants to open it in the sandbox, don't allow it! Choose the option Otevřít normálně (Open normally).
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe , save it to the desktop and run it.
Tick the checkboxes for Pro všechny uživatele (For all users), Kontrola na havěť "LOP" ("LOP" malware check) and Kontrola na havěť "Purity" ("Purity" malware check).
Paste the following text into the bottom window:

Code: Select all

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Click Prohledat (Scan).
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have their e-mail address in their signature).

Iveta2
Visitor
Posts: 21
Registered: 23 Oct 2013 15:44

Re: Requesting a preventive check - older computer

#13 Post by Iveta2 »

Here is the OTL log:
OTL logfile created on: 5.1.2014 20:21:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jaroslav\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 338,62 Mb Available Physical Memory | 33,09% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 14,69 Gb Free Space | 37,61% Space Free | Partition Type: NTFS
Drive F: | 14,60 Gb Total Space | 14,55 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
Drive H: | 39,07 Gb Total Space | 3,67 Gb Free Space | 9,40% Space Free | Partition Type: NTFS
Drive I: | 39,07 Gb Total Space | 25,87 Gb Free Space | 66,22% Space Free | Partition Type: NTFS
Drive J: | 31,85 Gb Total Space | 29,57 Gb Free Space | 92,83% Space Free | Partition Type: NTFS

Computer Name: IVCA | User Name: Jaroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.05 20:20:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jaroslav\Plocha\OTL.exe
PRC - [2013.12.29 15:58:17 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.05.14 12:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.05.09 09:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.05.09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.05.30 14:20:40 | 000,800,768 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
PRC - [2005.10.18 14:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\ATKKBService.exe
PRC - [2005.07.21 03:13:42 | 001,294,442 | ---- | M] () -- C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
PRC - [2004.06.10 10:54:40 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd2.exe


========== Modules (No Company Name) ==========

MOD - [2014.01.05 10:52:14 | 002,244,608 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\14010500\algo.dll
MOD - [2013.12.29 15:58:14 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.12.11 17:04:46 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2008.04.14 04:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.04.19 12:26:00 | 000,212,992 | ---- | M] () -- C:\WINDOWS\system32\nvapi.dll
MOD - [2005.07.21 03:13:42 | 001,294,442 | ---- | M] () -- C:\Program Files\AnyDATA\EasyWirelessNet\EasyWirelessNet.exe
MOD - [2004.06.10 10:54:40 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd2.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.29 15:58:15 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.11 17:05:09 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.09.05 10:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.05.14 12:26:12 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.05.09 09:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2006.05.30 14:20:40 | 000,800,768 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)
SRV - [2005.10.18 14:00:10 | 000,241,152 | ---- | M] (ASUSTeK COMPUTER INC.) [Auto | Running] -- C:\WINDOWS\ATKKBService.exe -- (ATKKeyboardService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\MetaBench\winio.sys -- (WINIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ae6umkub)
DRV - [2013.06.28 10:07:59 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.06.28 10:07:59 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.06.28 10:07:59 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.05.09 09:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 09:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 09:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 09:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.05.09 09:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.01 13:02:27 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto | Running] -- C:\WINDOWS\system32\STEC3.sys -- (STEC3)
DRV - [2007.06.18 18:44:25 | 000,639,224 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006.06.17 13:36:32 | 000,083,968 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.05.30 14:19:12 | 000,009,984 | ---- | M] (Nero AG) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\InCDrec.sys -- (InCDrec)
DRV - [2006.05.30 14:18:52 | 000,033,792 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)
DRV - [2006.05.30 14:18:38 | 000,029,568 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)
DRV - [2006.05.30 14:18:18 | 000,102,656 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)
DRV - [2005.10.19 17:00:00 | 000,011,264 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\EIO.sys -- (EIO)
DRV - [2005.10.18 14:01:38 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\atkkbnt.sys -- (asuskbnt)
DRV - [2005.08.18 10:52:06 | 000,093,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2005.05.02 12:55:34 | 000,064,896 | R--- | M] (AnyDATA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adusbser65.sys -- (adusbser6501)
DRV - [2005.05.02 12:55:34 | 000,064,896 | R--- | M] (AnyDATA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\adusbmdm65.sys -- (adusbmdm6501)
DRV - [2005.03.09 14:53:00 | 000,042,496 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.07.28 10:49:00 | 000,334,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd2.sys -- (snpstd2)
DRV - [2004.05.05 20:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [1999.09.10 12:06:00 | 000,025,244 | R--- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.sys -- (Aspi32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://tn.cz
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://tv.nova.cz [binary data]
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes\{0DCE281A-7762-4B34-ABC4-0B4096BEB827}: "URL" = http://jyxo.cz/s?q={searchTerms}&d=cz
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes\{8D64BF56-3F49-4C73-A8D3-5C4159705ECB}: "URL" = http://nova.zlatestranky.cz/hledat?msit ... earchTerms}
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes\{CD91CA33-6A64-4C74-9BCD-4E6823961C32}: "URL" = http://vybereme.cz/s?q={searchTerms}
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask Web Search"
FF - prefs.js..browser.search.selectedEngine: "Ask Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1489
FF - prefs.js..extensions.enabledAddons: 89ffxtbr%40SafePCRepair_89.com:5.78.3.8662
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.tb: "Ask Web Search"
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.tb: "Ask Web Search"
FF - prefs.js..browser.startup.homepage: "true"
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb= ... NTL_CZE_25"
FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain. ... searchfor="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.07 11:21:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.12.29 15:57:28 | 000,000,000 | ---D | M]

[2009.06.06 10:56:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Extensions
[2013.12.30 11:47:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\extensions
[2013.12.30 11:47:04 | 000,000,000 | ---D | M] (SafePCRepair) -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\extensions\89ffxtbr@SafePCRepair_89.com
[2013.12.30 11:47:03 | 000,009,620 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\ask-web-search.xml
[2013.02.06 16:58:58 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-26.xml
[2013.02.28 13:02:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-27.xml
[2013.03.09 14:27:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-28.xml
[2013.05.01 19:52:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-29.xml
[2013.05.25 19:59:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-30.xml
[2013.08.06 18:36:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-31.xml
[2013.08.06 18:36:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-32.xml
[2013.08.19 17:41:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-33.xml
[2013.12.29 15:57:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.12.29 15:57:20 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.12.29 15:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.29 15:57:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.12.29 15:58:20 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JAROSLAV\DATA APLIKACí\MOZILLA\FIREFOX\PROFILES\FENXBNLB.DEFAULT\EXTENSIONS\89FFXTBR@SAFEPCREPAIR_89.COM
[2013.06.07 11:21:35 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014.01.03 19:43:11 | 000,000,741 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [exflashservice] C:\Program Files\EPOX\EFS\EZ_FLASH_SERVICE.exe (EPoX Computer CO,. LTD.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E83DD611-3449-48A0-9673-3BC22C055796}: NameServer = 160.218.161.60 160.218.167.5
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 () - file:///C:/DOCUME~1/Jaroslav/LOCALS~1/Temp/msoclip1/01/clip_image002.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.06.18 18:10:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.05 20:20:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jaroslav\Plocha\OTL.exe
[2014.01.03 15:02:06 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys.bak
[2014.01.03 15:02:06 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2014.01.03 15:02:05 | 000,081,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2014.01.03 15:02:05 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys.bak
[2014.01.03 15:02:05 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys.bak
[2014.01.03 15:02:05 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys.bak
[2014.01.03 15:02:05 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys.bak
[2014.01.03 15:02:05 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys.bak
[2014.01.03 15:02:04 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2014.01.03 15:02:04 | 000,058,112 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2014.01.03 15:02:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2014.01.03 15:02:03 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2014.01.03 15:02:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2014.01.03 15:02:03 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2014.01.03 15:02:03 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2014.01.03 15:02:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2014.01.03 15:02:02 | 000,021,376 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2014.01.03 15:02:02 | 000,019,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2014.01.03 15:02:01 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2014.01.03 15:02:01 | 000,049,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys.bak
[2014.01.03 15:02:01 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2014.01.03 15:02:00 | 000,639,224 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.bak
[2014.01.03 15:02:00 | 000,025,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2014.01.03 15:02:00 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2014.01.03 15:02:00 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys.bak
[2014.01.03 15:01:59 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys.bak
[2014.01.03 15:01:59 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys.bak
[2014.01.03 15:01:59 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys.bak
[2014.01.03 15:01:59 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys.bak
[2014.01.03 15:01:58 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys.bak
[2014.01.03 15:01:58 | 000,096,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2014.01.03 15:01:58 | 000,083,968 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys.bak
[2014.01.03 15:01:58 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys.bak
[2014.01.03 15:01:58 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2014.01.03 15:01:57 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys.bak
[2014.01.03 15:01:57 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys.bak
[2014.01.03 15:01:57 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2014.01.03 15:01:57 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2014.01.03 15:01:56 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2014.01.03 15:01:55 | 000,146,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2014.01.03 15:01:55 | 000,004,228 | ---- | C] (PowerQuest Corporation) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys.bak
[2014.01.03 15:01:54 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2014.01.03 15:01:53 | 000,088,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.bak
[2014.01.03 15:01:53 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2014.01.03 15:01:53 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2014.01.03 15:01:53 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2014.01.03 15:01:52 | 000,093,568 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys.bak
[2014.01.03 15:01:51 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys.bak
[2014.01.03 15:01:50 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys.bak
[2014.01.03 15:01:50 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2014.01.03 15:01:49 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys.bak
[2014.01.03 15:01:48 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys.bak
[2014.01.03 15:01:48 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys.bak
[2014.01.03 15:01:48 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.bak
[2014.01.03 15:01:45 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2014.01.03 15:01:45 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2014.01.03 15:01:44 | 000,141,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2014.01.03 15:01:43 | 000,033,792 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDRm.sys.bak
[2014.01.03 15:01:43 | 000,009,984 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDrec.sys.bak
[2014.01.03 15:01:42 | 000,102,656 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys.bak
[2014.01.03 15:01:42 | 000,029,568 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDPass.sys.bak
[2014.01.03 15:01:41 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2014.01.03 15:01:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2014.01.03 15:01:39 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2014.01.03 15:01:38 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2014.01.03 15:01:38 | 000,011,264 | ---- | C] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\EIO.sys.bak
[2014.01.03 15:01:38 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2014.01.03 15:01:38 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2014.01.03 15:01:37 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2014.01.03 15:01:35 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2014.01.03 15:01:33 | 000,262,528 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2014.01.03 15:01:33 | 000,049,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2014.01.03 15:01:33 | 000,011,776 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2014.01.03 15:01:26 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys.bak
[2014.01.03 15:01:24 | 000,992,896 | ---- | C] (ASMT) -- C:\WINDOWS\System32\drivers\Bravo_n.sys.bak
[2014.01.03 15:01:24 | 000,992,896 | ---- | C] (ASMT) -- C:\WINDOWS\System32\drivers\Bravo_a.sys.bak
[2014.01.03 15:01:23 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2014.01.03 15:01:23 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys.bak
[2014.01.03 15:01:23 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2014.01.03 15:01:23 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys.bak
[2014.01.03 15:01:23 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2014.01.03 15:01:23 | 000,011,008 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\System32\drivers\atkkbnt.sys.bak
[2014.01.03 15:01:22 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys.bak
[2014.01.03 15:01:22 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys.bak
[2014.01.03 15:01:22 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys.bak
[2014.01.03 15:01:22 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys.bak
[2014.01.03 15:01:22 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys.bak
[2014.01.03 15:01:21 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys.bak
[2014.01.03 15:01:21 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys.bak
[2014.01.03 15:01:21 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys.bak
[2014.01.03 15:01:21 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys.bak
[2014.01.03 15:01:20 | 000,326,912 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys.bak
[2014.01.03 15:01:20 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys.bak
[2014.01.03 15:01:20 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.bak
[2014.01.03 15:01:20 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.bak
[2014.01.03 15:01:20 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.bak
[2014.01.03 15:01:20 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys.bak
[2014.01.03 15:01:20 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.bak
[2014.01.03 15:01:19 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys.bak
[2014.01.03 15:01:19 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys.bak
[2014.01.03 15:01:19 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.bak
[2014.01.03 15:01:19 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.bak
[2014.01.03 15:01:18 | 000,042,496 | ---- | C] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\AmdK8.sys.bak
[2014.01.03 15:01:18 | 000,025,244 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.sys.bak
[2014.01.03 15:01:17 | 000,041,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys.bak
[2014.01.03 15:01:16 | 000,064,896 | ---- | C] (AnyDATA Corporation) -- C:\WINDOWS\System32\drivers\adusbser65.sys.bak
[2014.01.03 15:01:16 | 000,064,896 | ---- | C] (AnyDATA Corporation) -- C:\WINDOWS\System32\drivers\adusbmdm65.sys.bak
[2014.01.03 14:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav\Plocha\RK_Quarantine
[2013.12.30 11:53:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav\Data aplikací\Malwarebytes
[2013.12.30 11:53:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.12.30 11:48:30 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jaroslav\Plocha\mbam-setup-1.75.0.1300.exe
[2013.12.30 11:47:15 | 005,582,704 | ---- | C] (Mindspark Interactive Network) -- C:\Documents and Settings\Jaroslav\Plocha\SafePCRepairSetup.exe
[2013.12.30 11:37:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav\Plocha\CrystalDiskInfo5_0_0(1)
[2013.12.30 11:32:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav\Plocha\CrystalDiskInfo5_0_0
[2013.12.29 16:34:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Jaroslav\Recent
[2013.12.29 15:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.12.29 15:36:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jaroslav\Plocha\Plocha - bordel - přebrat
[2 C:\Documents and Settings\Jaroslav\Plocha\*.tmp files -> C:\Documents and Settings\Jaroslav\Plocha\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.01.05 20:25:37 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.05 20:20:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jaroslav\Plocha\OTL.exe
[2014.01.05 20:07:36 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.01.05 20:01:17 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2014.01.05 20:01:11 | 000,000,262 | ---- | M] () -- C:\WINDOWS\red_dialer.ini
[2014.01.05 20:00:20 | 000,088,720 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2014.01.05 20:00:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.05 20:00:16 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.05 19:59:27 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.05 15:57:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.03 19:41:40 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys.bak
[2014.01.03 19:41:40 | 000,022,271 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys.bak
[2014.01.03 19:41:40 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2014.01.03 19:41:39 | 000,011,935 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys.bak
[2014.01.03 19:41:39 | 000,011,871 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys.bak
[2014.01.03 19:41:39 | 000,011,807 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys.bak
[2014.01.03 19:41:39 | 000,011,295 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys.bak
[2014.01.03 19:41:38 | 000,081,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2014.01.03 19:41:38 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2014.01.03 19:41:37 | 000,144,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2014.01.03 19:41:35 | 000,025,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2014.01.03 19:41:35 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2014.01.03 19:41:35 | 000,005,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2014.01.03 19:41:34 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2014.01.03 19:41:34 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2014.01.03 19:41:34 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2014.01.03 19:41:33 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2014.01.03 19:41:32 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2014.01.03 19:41:32 | 000,019,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2014.01.03 19:41:32 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2014.01.03 19:41:31 | 000,049,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys.bak
[2014.01.03 19:41:30 | 000,334,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\snpstd2.sys.bak
[2014.01.03 19:41:30 | 000,095,424 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys.bak
[2014.01.03 19:41:30 | 000,025,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2014.01.03 19:41:30 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2014.01.03 19:41:30 | 000,013,240 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys.bak
[2014.01.03 19:41:30 | 000,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys.bak
[2014.01.03 19:41:29 | 000,404,990 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys.bak
[2014.01.03 19:41:29 | 000,129,535 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys.bak
[2014.01.03 19:41:28 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys.bak
[2014.01.03 19:41:28 | 000,096,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2014.01.03 19:41:27 | 000,083,968 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys.bak
[2014.01.03 19:41:27 | 000,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys.bak
[2014.01.03 19:41:26 | 000,203,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys.bak
[2014.01.03 19:41:26 | 000,030,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2014.01.03 19:41:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2014.01.03 19:41:26 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2014.01.03 19:41:25 | 000,013,776 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys.bak
[2014.01.03 19:41:24 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2014.01.03 19:41:22 | 000,146,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2014.01.03 19:41:22 | 000,004,228 | ---- | M] (PowerQuest Corporation) -- C:\WINDOWS\System32\drivers\PQNTDRV.sys.bak
[2014.01.03 19:41:21 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2014.01.03 19:41:19 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2014.01.03 19:41:18 | 000,088,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.bak
[2014.01.03 19:41:18 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2014.01.03 19:41:18 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2014.01.03 19:41:15 | 000,093,568 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys.bak
[2014.01.03 19:41:12 | 000,180,360 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys.bak
[2014.01.03 19:41:12 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys.bak
[2014.01.03 19:41:12 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2014.01.03 19:41:09 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys.bak
[2014.01.03 19:41:08 | 000,452,736 | ---- | M] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys.bak
[2014.01.03 19:41:07 | 001,309,184 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys.bak
[2014.01.03 19:41:05 | 000,126,686 | ---- | M] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys.bak
[2014.01.03 19:41:01 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2014.01.03 19:41:00 | 000,141,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2014.01.03 19:41:00 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2014.01.03 19:40:56 | 000,033,792 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDRm.sys.bak
[2014.01.03 19:40:56 | 000,009,984 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDrec.sys.bak
[2014.01.03 19:40:55 | 000,102,656 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDfs.sys.bak
[2014.01.03 19:40:55 | 000,029,568 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDPass.sys.bak
[2014.01.03 19:40:51 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2014.01.03 19:40:51 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2014.01.03 19:40:50 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2014.01.03 19:40:48 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2014.01.03 19:40:48 | 000,011,264 | ---- | M] (ASUSTeK Computer Inc.) -- C:\WINDOWS\System32\drivers\EIO.sys.bak
[2014.01.03 19:40:48 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2014.01.03 19:40:48 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2014.01.03 19:40:47 | 000,060,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2014.01.03 19:40:45 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2014.01.03 19:40:44 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2014.01.03 19:40:44 | 000,049,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2014.01.03 19:40:44 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2014.01.03 19:40:42 | 000,036,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys.bak
[2014.01.03 19:40:41 | 000,992,896 | ---- | M] (ASMT) -- C:\WINDOWS\System32\drivers\Bravo_n.sys.bak
[2014.01.03 19:40:40 | 000,992,896 | ---- | M] (ASMT) -- C:\WINDOWS\System32\drivers\Bravo_a.sys.bak
[2014.01.03 19:40:40 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2014.01.03 19:40:40 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2014.01.03 19:40:39 | 000,073,216 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys.bak
[2014.01.03 19:40:39 | 000,063,488 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys.bak
[2014.01.03 19:40:39 | 000,031,744 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys.bak
[2014.01.03 19:40:39 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2014.01.03 19:40:39 | 000,011,008 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\WINDOWS\System32\drivers\atkkbnt.sys.bak
[2014.01.03 19:40:38 | 000,028,672 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys.bak
[2014.01.03 19:40:38 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys.bak
[2014.01.03 19:40:37 | 000,104,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys.bak
[2014.01.03 19:40:37 | 000,057,856 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys.bak
[2014.01.03 19:40:37 | 000,052,224 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys.bak
[2014.01.03 19:40:37 | 000,014,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys.bak
[2014.01.03 19:40:37 | 000,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys.bak
[2014.01.03 19:40:36 | 000,701,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys.bak
[2014.01.03 19:40:36 | 000,326,912 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys.bak
[2014.01.03 19:40:35 | 000,034,735 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys.bak
[2014.01.03 19:40:34 | 000,063,663 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys.bak
[2014.01.03 19:40:34 | 000,036,463 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys.bak
[2014.01.03 19:40:34 | 000,029,455 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys.bak
[2014.01.03 19:40:34 | 000,026,367 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys.bak
[2014.01.03 19:40:34 | 000,021,343 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys.bak
[2014.01.03 19:40:33 | 000,030,671 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys.bak
[2014.01.03 19:40:33 | 000,012,047 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys.bak
[2014.01.03 19:40:32 | 000,056,623 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys.bak
[2014.01.03 19:40:32 | 000,011,615 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys.bak
[2014.01.03 19:40:28 | 000,025,244 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.sys.bak
[2014.01.03 19:40:27 | 000,042,496 | ---- | M] (Advanced Micro Devices) -- C:\WINDOWS\System32\drivers\AmdK8.sys.bak
[2014.01.03 19:40:26 | 000,041,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys.bak
[2014.01.03 19:40:21 | 000,064,896 | ---- | M] (AnyDATA Corporation) -- C:\WINDOWS\System32\drivers\adusbser65.sys.bak
[2014.01.03 19:40:21 | 000,064,896 | ---- | M] (AnyDATA Corporation) -- C:\WINDOWS\System32\drivers\adusbmdm65.sys.bak
[2014.01.03 19:35:34 | 001,662,640 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Plocha\2---Střet-králů---píseň-ledu-a-ohně-2.pdf
[2014.01.03 14:59:01 | 003,810,304 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Plocha\RogueKiller.exe
[2014.01.02 19:19:52 | 000,002,763 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.12.30 11:51:30 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Jaroslav\Plocha\mbam-setup-1.75.0.1300.exe
[2013.12.30 11:49:12 | 005,582,704 | ---- | M] (Mindspark Interactive Network) -- C:\Documents and Settings\Jaroslav\Plocha\SafePCRepairSetup.exe
[2013.12.30 11:35:07 | 001,496,172 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Plocha\CrystalDiskInfo5_0_0(1).zip
[2013.12.30 11:31:12 | 001,496,172 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Plocha\CrystalDiskInfo5_0_0.zip
[2013.12.29 19:34:54 | 001,233,962 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Plocha\adwcleaner.exe
[2013.12.18 18:43:52 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.12.13 15:10:01 | 000,180,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.11 17:04:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.12.11 17:04:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.12.09 19:11:24 | 000,046,080 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Documents and Settings\Jaroslav\Plocha\*.tmp files -> C:\Documents and Settings\Jaroslav\Plocha\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.05 20:25:37 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.03 19:34:05 | 001,662,640 | ---- | C] () -- C:\Documents and Settings\Jaroslav\Plocha\2---Střet-králů---píseň-ledu-a-ohně-2.pdf
[2014.01.03 15:02:00 | 000,334,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd2.sys.bak
[2014.01.03 14:58:42 | 003,810,304 | ---- | C] () -- C:\Documents and Settings\Jaroslav\Plocha\RogueKiller.exe
[2013.12.30 11:34:29 | 001,496,172 | ---- | C] () -- C:\Documents and Settings\Jaroslav\Plocha\CrystalDiskInfo5_0_0(1).zip
[2013.12.30 11:30:30 | 001,496,172 | ---- | C] () -- C:\Documents and Settings\Jaroslav\Plocha\CrystalDiskInfo5_0_0.zip
[2013.12.29 19:34:37 | 001,233,962 | ---- | C] () -- C:\Documents and Settings\Jaroslav\Plocha\adwcleaner.exe
[2013.10.30 09:55:50 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2013.06.28 10:07:59 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.28 10:07:59 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.28 10:07:59 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.06.07 11:21:39 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.06.07 11:21:38 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.02.15 14:54:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.02.26 15:44:27 | 000,017,452 | ---- | C] () -- C:\Documents and Settings\Jaroslav\HSM.jpg
[2009.02.04 16:07:27 | 000,000,205 | ---- | C] () -- C:\Documents and Settings\Jaroslav\default.pls
[2007.07.01 21:47:11 | 000,046,080 | ---- | C] () -- C:\Documents and Settings\Jaroslav\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013.10.17 20:33:46 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.03.10 05:43:10 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.04.02 08:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2013.10.30 16:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2007.07.01 20:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SBT
[2012.02.19 18:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.10.30 10:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\BSplayer Pro
[2012.12.17 17:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\ICQ
[2007.07.09 18:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\ICQ Toolbar

========== Purity Check ==========



========== Custom Scans ==========

< >
[2007.06.18 18:08:41 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2007.06.18 18:13:36 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.04.02 08:56:34 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2011.04.02 08:56:35 | 000,000,944 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.07.10 10:33:50 | 000,000,364 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
[2012.08.21 16:27:50 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2006.03.02 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2006.03.02 13:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 13:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 04:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 13:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 14:11:59 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=9B32416BD5988C97B6397CE0B02CAF97 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007.06.13 14:23:39 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=ED7B460B142A32097B8A8F6ECC941815 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2006.03.02 13:00:00 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 13:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: ISAPNP.SYS >
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.10.19 16:42:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 03:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 04:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 13:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2006.03.02 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2005.08.18 10:52:06 | 000,093,568 | R--- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2006.03.02 13:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 04:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 12:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008.06.20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2007.10.30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008.06.20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007.10.30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 13:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 13:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 13:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 04:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp -> ]
[4 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2007.06.18 20:20:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Adobe
[2007.07.07 18:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\AdobeUM
[2009.02.04 15:51:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Ahead
[2013.10.30 10:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\BSplayer Pro
[2007.06.18 20:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\CyberLink
[2007.07.09 17:58:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Help
[2012.12.17 17:52:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\ICQ
[2007.07.09 18:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\ICQ Toolbar
[2007.06.18 18:14:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Identities
[2009.06.28 20:35:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\IDMComp
[2007.06.18 18:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Lavasoft
[2007.06.20 11:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Macromedia
[2013.12.30 11:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Malwarebytes
[2007.10.15 16:43:35 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Microsoft
[2007.07.01 20:14:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Microsoft Web Folders
[2009.06.06 10:56:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla
[2014.01.03 20:19:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\OpenOffice.org2
[2014.01.05 20:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Skype

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2007.06.18 18:44:25 | 000,639,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2007.06.18 19:57:12 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2007.06.18 19:57:12 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2007.06.18 19:57:12 | 000,466,944 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.01.05 20:00:20 | 000,088,720 | ---- | M] () -- C:\WINDOWS\system32\nvapps.xml
[2014.01.05 20:00:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.11.14 16:42:42 | 020,584,608 | R--- | M] (Skype Technologies S.A.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.01.05 20:25:37 | 000,000,512 | ---- | M] () MD5=CA64BCC085D4DFCD590CF54C993BA891 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.10.28 15:22:20 | 000,000,847 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\img\ajax-loader.gif.vir
[2013.10.28 15:22:20 | 000,001,135 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ac\img\loader-icon.png.vir
[2013.10.28 15:22:20 | 000,003,208 | ---- | M] () -- \AdwCleaner\Quarantine\C\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\Chrome\CT1750559\content\tb\al\ui\gf\img\loader.gif.vir
[2012.12.04 17:00:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.12.04 17:00:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\normal\loader_30fps.gif
[2012.12.04 17:00:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2006.05.23 12:33:40 | 000,106,496 | ---- | M] () -- \Program Files\Common Files\Ahead\Lib\NeGuideStoreLoader.dll
[2011.04.15 13:24:45 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.04.15 13:24:46 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.04.15 13:24:45 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.15 13:28:28 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.04.15 13:28:38 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.04.15 13:28:43 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2007.03.21 21:51:50 | 000,023,552 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\javaloader.uno.dll
[2007.03.22 14:15:18 | 000,005,226 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.py
[2007.03.22 02:42:18 | 000,015,872 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.dll
[2007.03.22 14:41:34 | 000,000,145 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\pythonloader.uno.ini
[2007.03.21 21:51:50 | 000,018,432 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\shlibloader.uno.dll
[2007.03.22 02:28:52 | 000,003,199 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\unoloader.jar
[2006.03.02 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2007.03.22 00:56:44 | 000,188,993 | ---- | M] () -- \Program Files\OpenOffice.org 2.2\program\classes\serializer.jar
[2006.03.02 13:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2008.04.14 03:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2006.03.02 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 03:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[2014.01.03 19:41:28 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys.bak

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9AB338B9

< End of report >

Iveta2
Visitor
Posts: 21
Joined: 23 Oct 2013 15:44

Re: Request for a preventive check - older computer

#14 Post by Iveta2 »

And here is Extras:
OTL Extras logfile created on: 5.1.2014 20:21:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jaroslav\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 338,62 Mb Available Physical Memory | 33,09% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,50% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 14,69 Gb Free Space | 37,61% Space Free | Partition Type: NTFS
Drive F: | 14,60 Gb Total Space | 14,55 Gb Free Space | 99,64% Space Free | Partition Type: FAT32
Drive H: | 39,07 Gb Total Space | 3,67 Gb Free Space | 9,40% Space Free | Partition Type: NTFS
Drive I: | 39,07 Gb Total Space | 25,87 Gb Free Space | 66,22% Space Free | Partition Type: NTFS
Drive J: | 31,85 Gb Total Space | 29,57 Gb Free Space | 92,83% Space Free | Partition Type: NTFS

Computer Name: IVCA | User Name: Jaroslav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1123561945-926492609-839522115-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home -- (Nero AG)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\ICQ7.4\ICQ.exe" = C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4 -- (ICQ, LLC.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{00030405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Small Business
"{00040405-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 - Disk 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}" = ASUS Enhanced Display Driver
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{6621E927-8AB8-47EA-915B-4E4769BFE688}" = OpenOffice.org 2.2
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114070993}" = Family Restaurant
"{8418FE6C-36B5-4023-8704-5DC2F21BB2E8}" = UltraEdit 15.00
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.3 - Czech
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}" = VideoCAM Look
"{F17F7703-1E72-40C1-A0DD-E5B365661029}" = Nero 7 Essentials
"101 Dino Pets" = 101 Dino Pets 1.0
"866d52967205b177710c450f2f7eea49187731047" = Křížem krážem staletími
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA32_is1" = AIDA32 v3.93
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Easy Wireless Net" = Easy Wireless Net V1.18
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"Imager" = Imager 2.6 - Freeware graphics viewer
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"InstallShield_{3C3B2C97-0DAB-482F-9C95-6610827210E3}" = ASUS nVIDIA Driver
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Totalcmd" = Total Commander (Remove or Repair)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 6.2.2009 11:40:54 | Computer Name = IVCA | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 15.7.2013 6:16:01 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 9.0.0.2823, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.7.2013 6:16:04 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 9.0.0.2823, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 15.7.2013 7:58:34 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 9.0.0.2823, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.7.2013 11:16:33 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 22.0.0.4917, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.7.2013 11:16:33 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 22.0.0.4917, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 21.7.2013 14:19:18 | Computer Name = IVCA | Source = Application Error | ID = 1000
Description = Chybující aplikace winword.exe, verze 9.0.0.2823, chybující modul
mso9.dll, verze 9.0.0.2812, adresa chyby 0x0000328f.

Error - 11.8.2013 12:14:08 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 9.0.0.2823, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.8.2013 12:14:11 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 9.0.0.2823, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.8.2013 12:14:49 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace WINWORD.EXE, verze 9.0.0.2823, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 11.8.2013 12:25:05 | Computer Name = IVCA | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 23.0.0.4959, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ System Events ]
Error - 25.12.2013 10:51:58 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 26.12.2013 13:57:47 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 29.12.2013 10:36:27 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 29.12.2013 12:01:00 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 29.12.2013 14:44:26 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 31.12.2013 10:52:10 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 31.12.2013 16:08:35 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 2.1.2014 11:25:09 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 3.1.2014 6:24:43 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.

Error - 5.1.2014 9:00:03 | Computer Name = IVCA | Source = Windows Update Agent | ID = 20
Description = Instalace se nezdařila: Instalace následující aktualizace se nezdařila
z důvodu chyby (0x800b0100): nVidia - Other hardware - NVIDIA GeForce 7300 GS.


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Request for a preventive check - older computer

#15 Post by Márty84 »

:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally ("Otevrit normalne").
:arrow: Run OTL again.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
Skype C2C Service
gupdate
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1123561945-926492609-839522115-1004\..\SearchScopes\{0DCE281A-7762-4B34-ABC4-0B4096BEB827}: "URL" = http://jyxo.cz/s?q={searchTerms}&d=cz
FF - prefs.js..browser.search.defaultenginename: "Ask Web Search"
FF - prefs.js..browser.search.selectedEngine: "Ask Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.tb: "Ask Web Search"
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.savedPrev: "true"
FF - prefs.js..extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.tb: "Ask Web Search"
FF - prefs.js..browser.startup.homepage: "true"
FF - prefs.js..browser.startup.homepage: "http://home.tb.ask.com/index.jhtml?ptb=B01AA0A8-FC08-48C3-AA5B-0EF74B03EBCB&n=77fdd1c3&p2=^AW7^xdm055^S07867^cz&si=YO_SAF_INTL_CZE_25"
FF - prefs.js..keyword.URL: "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=B01AA0A8-FC08-48C3-AA5B-0EF74B03EBCB&n=77fdd1c3&ind=2013123011&p2=^AW7^xdm055^S07867^cz&si=YO_SAF_INTL_CZE_25&searchfor="
FF - user.js - File not found
[2013.12.30 11:47:03 | 000,009,620 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\ask-web-search.xml
[2013.02.06 16:58:58 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-26.xml
[2013.02.28 13:02:39 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-27.xml
[2013.03.09 14:27:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-28.xml
[2013.05.01 19:52:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-29.xml
[2013.05.25 19:59:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-30.xml
[2013.08.06 18:36:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-31.xml
[2013.08.06 18:36:54 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-32.xml
[2013.08.19 17:41:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\searchplugins\icqplugin-33.xml
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\JAROSLAV\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\FENXBNLB.DEFAULT\EXTENSIONS\89FFXTBR@SAFEPCREPAIR_89.COM
[2013.12.30 11:47:04 | 000,000,000 | ---D | M] (SafePCRepair) -- C:\Documents and Settings\Jaroslav\Data aplikací\Mozilla\Firefox\Profiles\fenxbnlb.default\extensions\89ffxtbr@SafePCRepair_89.com
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E83DD611-3449-48A0-9673-3BC22C055796}: NameServer = 160.218.161.60 160.218.167.5
[2 C:\Documents and Settings\Jaroslav\Plocha\*.tmp files -> C:\Documents and Settings\Jaroslav\Plocha\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[2007.07.09 18:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\ICQ Toolbar
[1 C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\d466afb6be5767b9d088613852f47744\*.tmp -> ]
[4 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[2007.06.18 18:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jaroslav\Data aplikací\Lavasoft
@Alternate Data Stream - 136 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9AB338B9

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

Click Fix ("Opravit") and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Locked