Frozen computer... bar

Posted: 10 Feb 2014 21:06
by spok
Greetings...
I have a computer here that is publicly accessible in a pub... So its importance is crucial :)
Even so, I'd like to ask you for help... Almost nothing works. Everything is slowed down.. And quite a lot...
Thank you for your help.
No hurry.. we have plenty of time.


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-02-2014
Ran by Jára at 2014-02-10 21:00:58
Running from C:\Documents and Settings\Jára\Dokumenty\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader 9.2 - Czech (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615 - Adobe Systems, Inc.)
Aktualizace systému Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB978506) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows Internet Explorer 8 (KB980182) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Aktualizace systému Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2803821) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2803821-v2) (Version: - Microsoft Corporation)
Aktualizace zabezpečení aplikace Windows Media Player (KB2845142) (Version: - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2482017) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2497640) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2510531) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2530548) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2544521) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2559049) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2586448) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2618444) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2647516) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2675157) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2699988) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2744842) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2761465) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2792100) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2797052) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2799329) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2809289) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2817183) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2829530) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2838727) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2846071) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2847204) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2862772) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2870699) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2879017) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2888505) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2898785) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2753842) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2753842-v2) (Version: 2 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2757638) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2758857) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2761226) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2770660) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2778344) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2779030) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2780091) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2799494) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2802968) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2807986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2808735) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813170) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2813345) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820197) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2820917) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2829361) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2834886) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2839229) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2845187) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2847311) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2849470) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850851) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2850869) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2859537) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862152) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862330) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2862335) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2864063) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868038) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2868626) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876217) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876315) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2876331) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2883150) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2892075) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893294) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2893984) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2898715) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2900986) (Version: 1 - Microsoft Corporation)
Aktualizace zabezpečení systému Windows XP (KB2914368) (Version: 1 - Microsoft Corporation)
avast! Free Antivirus (Version: 8.0.1489.0 - AVAST Software)
C-Media PCI Audio Device (Version: - )
Codec Pack - All In 1 6.0.3.0 (Version: - )
Compatibility Pack for the 2007 Office system (Version: 12.0.6021.5000 - Microsoft Corporation)
Drakensang Online (Version: - )
Google Chrome (HKCU Version: 13.0.782.112 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (CSY) (Version: 3.5.30729 - Microsoft) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Client Profile - Language Pack (CSY) (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Client Profile - Language Pack (CSY) (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework Client Profile – jazyková sada – CSY (Version: 3.5 - )
Microsoft .NET Framework Client Profile (Version: 3.5 - )
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional (Version: 10.0.2627.12 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation)
Multimedia Card Reader (Version: 1.06 - )
Multimedia Card Reader (Version: 1.06 - ) Hidden
O2 Internet Konfigurator (Version: - )
Oprava Hotfix systému Windows XP (KB2779562) (Version: 1 - Microsoft Corporation)
Oprava Hotfix systému Windows XP (KB961118) (Version: 1 - Microsoft Corporation)
PC Tools Registry Mechanic 11.0 (Version: 11.0 - PC Tools)
PDFCreator (Version: 0.9.3 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v1.1.1 (Version: 1.1.1 - Spigot, Inc.) <==== ATTENTION
QIP 2005 8095 (HKCU Version: 8095 - )
QuickTime (Version: 7.62.14.0 - Apple Inc.)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.23.0000 - Realtek)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
TuneUp Utilities 2013 (Version: 13.0.3020.6 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.3020.6 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (cs-CZ) (Version: 13.0.3020.6 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (Version: 5.64 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)

==================== Restore Points =========================

10-02-2014 12:00:00 Kontrolní bod systému

==================== Hosts content: ==========================

2001-10-25 12:00 - 2001-10-25 12:00 - 00000737 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job => C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RMSchedule.job => C:\Program Files\PC Tools Registry Mechanic\RegMech.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-10 12:01 - 2014-02-10 09:38 - 02264576 _____ () C:\Program Files\Alwil Software\Avast5\defs\14021000\algo.dll
2009-08-26 20:42 - 2001-10-28 16:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll
2011-08-09 18:49 - 2011-08-06 04:20 - 00327736 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\locales\cs.dll
2011-08-09 18:49 - 2011-08-06 04:21 - 04118072 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\pdf.dll
2011-08-09 18:49 - 2011-08-06 04:21 - 00400440 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll
2011-08-09 18:49 - 2011-08-06 04:19 - 01846344 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
2011-08-09 18:49 - 2011-08-06 04:20 - 00104520 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\avutil-50.dll
2011-08-09 18:49 - 2011-08-06 04:19 - 00203848 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\avformat-52.dll
2011-08-09 18:49 - 2011-08-06 02:29 - 06338720 _____ () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\gcswf32.dll

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/08/2014 11:46:06 PM) (Source: Application Error) (User: )
Description: Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul gcswf32.dll, verze 10.3.183.5, adresa chyby 0x0013e876.
Zpracování události, specifické pro médium ([chrome.exe!ws!])

Error: (02/01/2014 02:29:22 AM) (Source: Application Error) (User: )
Description: Chybující aplikace chrome.exe, verze 0.0.0.0, chybující modul unknown, verze 0.0.0.0, adresa chyby 0x03c801cd.
Zpracování události, specifické pro médium ([chrome.exe!ws!])

Error: (01/23/2014 02:23:59 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (01/03/2014 10:23:46 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (01/03/2014 10:23:45 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (01/03/2014 10:23:42 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (01/03/2014 10:23:34 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace chrome.exe, verze 0.0.0.0, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error: (12/30/2013 01:05:04 PM) (Source: Application Hang) (User: )
Description: Zablokovaná aplikace OneClick.exe, verze 13.0.3020.6, zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (02/08/2014 11:46:06 PM) (Source: Application Error)(User: )
Description: chrome.exe0.0.0.0gcswf32.dll10.3.183.50013e876

Error: (02/01/2014 02:29:22 AM) (Source: Application Error)(User: )
Description: chrome.exe0.0.0.0unknown0.0.0.003c801cd

Error: (01/23/2014 02:23:59 PM) (Source: Application Hang)(User: )
Description: chrome.exe0.0.0.0hungapp0.0.0.000000000

Error: (01/03/2014 10:23:46 PM) (Source: Application Hang)(User: )
Description: chrome.exe0.0.0.0hungapp0.0.0.000000000

Error: (01/03/2014 10:23:45 PM) (Source: Application Hang)(User: )
Description: chrome.exe0.0.0.0hungapp0.0.0.000000000

Error: (01/03/2014 10:23:42 PM) (Source: Application Hang)(User: )
Description: chrome.exe0.0.0.0hungapp0.0.0.000000000

Error: (01/03/2014 10:23:34 PM) (Source: Application Hang)(User: )
Description: chrome.exe0.0.0.0hungapp0.0.0.000000000

Error: (12/30/2013 01:05:04 PM) (Source: Application Hang)(User: )
Description: OneClick.exe13.0.3020.6hungapp0.0.0.000000000


==================== Memory info ===========================

Percentage of memory in use: 74%
Total physical RAM: 510.22 MB
Available physical RAM: 130.11 MB
Total Pagefile: 865.2 MB
Available Pagefile: 291.69 MB
Total Virtual: 2047.88 MB
Available Virtual: 1957.67 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:9.3 GB) (Free:0.91 GB) FAT32 ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 9 GB) (Disk ID: CAB4CAB4)
Partition 1: (Active) - (Size=9 GB) - (Type=0C)

==================== End Of Log ============================

Re: Frozen computer... bar

Posted: 10 Feb 2014 23:01
by vyosek
Hello :)

The FRST.txt log will tell us more, please post it here

Re: Frozen computer... bar

Posted: 11 Feb 2014 10:16
by spok
As soon as I get to the bar, I'll send it. Thanks for now

Re: Frozen computer... bar

Posted: 11 Feb 2014 18:00
by vyosek
OK :)

Re: Frozen computer... bar

Posted: 11 Feb 2014 21:44
by spok
Here it is...
I also ran it through regcleaner.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014
Ran by Jára (administrator) on GOGOTEAM-E93E1D on 10-02-2014 20:58:21
Running from C:\Documents and Settings\Jára\Dokumenty\Downloads
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Alcor Micro, Corp.) C:\Program Files\Multimedia Card Reader\shwicon2k.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciTrayApp.exe
(Apple Inc.) C:\Program Files\QuickTime\qttask.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
(Spotify Ltd) C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\OneClick.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TUDefragBackend32.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Sunkist2k] - C:\Program Files\Multimedia Card Reader\shwicon2k.exe [135168 2004-08-06] (Alcor Micro, Corp.)
HKLM\...\Run: [TO2SSM_McciTrayApp] - C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [CmPCIaudio] - RunDll32 CMICNFG3.cpl,CMICtrlWnd
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-03] (Google Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Google Update] - C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-03-30] (Google Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify] - C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe [5951488 2014-01-12] (Spotify Ltd)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify Web Helper] - C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-12] (Spotify Ltd)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\MountPoints2: {21311720-4df2-11de-8359-00b0d0ed8685} - I:\RECYCLER.exe O:\
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKCU - (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

Chrome:
=======
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Chrome NaCl) - C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R3 cmuda3; C:\WINDOWS\System32\drivers\cmudax3.sys [1512960 2009-03-18] (C-Media Inc)
R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel(R) Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
R1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SunkFilt62; C:\WINDOWS\System32\Drivers\sunkfilt62.sys [46536 2004-07-23] (Alcor Micro, Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SunkFilt6; \??\C:\WINDOWS\System32\Drivers\sunkfilt6.sys [X]
S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-10 20:58 - 2014-02-10 20:58 - 00000000 ____D () C:\FRST
2014-02-08 11:17 - 2014-02-08 11:17 - 00000000 __SHD () C:\FOUND.004
2014-01-25 11:47 - 2014-01-25 11:47 - 00000000 __SHD () C:\FOUND.003
2014-01-16 06:39 - 2014-01-16 06:39 - 00004366 _____ () C:\WINDOWS\KB2914368.log
2014-01-16 06:39 - 2014-01-16 06:39 - 00000000 ___HD () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-12 15:16 - 2014-01-12 15:16 - 00000000 ____D () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Spotify
2014-01-12 15:15 - 2014-01-12 15:15 - 00001734 _____ () C:\Documents and Settings\Jára\Nabídka Start\Programy\Spotify.lnk
2014-01-12 15:15 - 2014-01-12 15:15 - 00001728 _____ () C:\Documents and Settings\Jára\Plocha\Spotify.lnk
2014-01-12 15:14 - 2014-01-12 15:14 - 00000000 ____D () C:\Documents and Settings\Jára\Data aplikací\Spotify

==================== One Month Modified Files and Folders =======

2014-02-10 20:58 - 2014-02-10 20:58 - 00000000 ____D () C:\FRST
2014-02-10 20:42 - 2012-02-08 19:00 - 00006364 _____ () C:\WINDOWS\system32\AppLog.log
2014-02-10 20:42 - 2012-02-08 17:28 - 00000272 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2014-02-10 20:34 - 2010-12-03 17:41 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 20:16 - 2012-04-18 12:58 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-10 15:07 - 2012-11-15 17:47 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-02-10 13:09 - 2010-12-03 17:41 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 13:09 - 2010-01-05 16:14 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2014-02-10 11:56 - 2009-05-16 13:48 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-10 11:56 - 2009-05-16 13:18 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-10 11:55 - 2001-10-25 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-09 21:19 - 2013-07-24 10:51 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-02-09 21:19 - 2009-05-16 13:54 - 00000272 ___SH () C:\Documents and Settings\Jára\ntuser.ini
2014-02-09 21:19 - 2009-05-16 13:48 - 00032558 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-09 21:19 - 2009-05-16 13:18 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-02-09 21:17 - 2009-05-16 13:32 - 01441674 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-09 11:28 - 2011-08-10 11:23 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job
2014-02-08 11:17 - 2014-02-08 11:17 - 00000000 __SHD () C:\FOUND.004
2014-02-05 20:16 - 2012-04-18 12:58 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 20:16 - 2011-10-04 18:31 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-01-25 11:47 - 2014-01-25 11:47 - 00000000 __SHD () C:\FOUND.003
2014-01-24 15:07 - 2011-01-11 20:16 - 00001604 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-01-24 15:07 - 2009-05-16 13:34 - 00002504 _____ () C:\WINDOWS\system32\CONFIG.NT
2014-01-21 13:12 - 2013-07-28 00:34 - 00007830 _____ () C:\WINDOWS\wmsetup.log
2014-01-16 06:40 - 2010-03-12 11:07 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 06:39 - 2014-01-16 06:39 - 00004366 _____ () C:\WINDOWS\KB2914368.log
2014-01-16 06:39 - 2014-01-16 06:39 - 00000000 ___HD () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-16 06:39 - 2013-07-11 10:20 - 00228482 _____ () C:\WINDOWS\iis6.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00095914 _____ () C:\WINDOWS\tsoc.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00070472 _____ () C:\WINDOWS\comsetup.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00066156 _____ () C:\WINDOWS\msmqinst.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00042703 _____ () C:\WINDOWS\ntdtcsetup.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00036822 _____ () C:\WINDOWS\netfxocm.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00014450 _____ () C:\WINDOWS\MedCtrOC.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00013124 _____ () C:\WINDOWS\ocmsn.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00010574 _____ () C:\WINDOWS\tabletoc.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00010506 _____ () C:\WINDOWS\msgsocm.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-01-16 06:39 - 2013-07-11 10:19 - 00210221 _____ () C:\WINDOWS\FaxSetup.log
2014-01-16 06:39 - 2013-07-11 10:19 - 00100504 _____ () C:\WINDOWS\ocgen.log
2014-01-12 15:16 - 2014-01-12 15:16 - 00000000 ____D () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Spotify
2014-01-12 15:15 - 2014-01-12 15:15 - 00001734 _____ () C:\Documents and Settings\Jára\Nabídka Start\Programy\Spotify.lnk
2014-01-12 15:15 - 2014-01-12 15:15 - 00001728 _____ () C:\Documents and Settings\Jára\Plocha\Spotify.lnk
2014-01-12 15:14 - 2014-01-12 15:14 - 00000000 ____D () C:\Documents and Settings\Jára\Data aplikací\Spotify

Files to move or delete:
====================
C:\Documents and Settings\QIP\unins000.dat
C:\Documents and Settings\QIP\unins000.exe
C:\Documents and Settings\QIP\qip.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2004-08-17 14:49] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2004-08-17 14:49] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-17 14:44] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Re: Frozen computer... bar

Posted: 12 Feb 2014 07:42
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
    HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
    HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-03] (Google Inc.)
    HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Google Update] - C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-03-30] (Google Inc.)
    HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify] - C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe [5951488 2014-01-12] (Spotify Ltd)
    HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify Web Helper] - C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-12] (Spotify Ltd)
    HKU\S-1-5-21-73586283-813497703-839522115-1003\...\MountPoints2: {21311720-4df2-11de-8359-00b0d0ed8685} - I:\RECYCLER.exe O:\
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
    URLSearchHook: HKCU - (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
    SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
    Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
    
    2014-02-10 20:42 - 2012-02-08 17:28 - 00000272 _____ () C:\WINDOWS\Tasks\RMSchedule.job
    2014-02-10 20:34 - 2010-12-03 17:41 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-02-10 20:16 - 2012-04-18 12:58 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-02-10 15:07 - 2012-11-15 17:47 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
    2014-02-10 13:09 - 2010-12-03 17:41 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-02-10 13:09 - 2010-01-05 16:14 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

Re: Frozen computer... bar

Posted: 13 Feb 2014 16:42
by spok
When I run FRST and click Fix, it always freezes.. FRST has to be closed.. blah blah...
It dumped this log into Fixlog.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-02-2014 01
Ran by Jára at 2014-02-13 16:38:36 Run:8
Running from C:\Documents and Settings\Jára\Dokumenty\Downloads\FRST-OlderVersion\FRST-OlderVersion
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-03] (Google Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Google Update] - C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-03-30] (Google Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify] - C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe [5951488 2014-01-12] (Spotify Ltd)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify Web Helper] - C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-12] (Spotify Ltd)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\MountPoints2: {21311720-4df2-11de-8359-00b0d0ed8685} - I:\RECYCLER.exe O:\

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKCU - (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File

2014-02-10 20:42 - 2012-02-08 17:28 - 00000272 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2014-02-10 20:34 - 2010-12-03 17:41 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 20:16 - 2012-04-18 12:58 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-10 15:07 - 2012-11-15 17:47 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-02-10 13:09 - 2010-12-03 17:41 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 13:09 - 2010-01-05 16:14 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Unable to delete value
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Unable to delete value
HKU\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Unable to delete value
HKU\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Unable to delete value
HKU\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Unable to delete value
HKU\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify => Unable to delete value
HKU\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => Unable to delete value
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685} => Key not found.
HKCR\CLSID\{21311720-4df2-11de-8359-00b0d0ed8685} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Unable to delete value
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} => Unable to delete value
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCR\Wow6432Node\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} => Unable to delete value
HKCR\CLSID\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} => Key not found.
"C:\WINDOWS\Tasks\RMSchedule.job" => File/Directory not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => File/Directory not found.
"C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => File/Directory not found.
"C:\WINDOWS\Tasks\avast! Emergency Update.job" => File/Directory not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => File/Directory not found.
"C:\WINDOWS\Tasks\WGASetup.job" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

After the reset the FRST logo disappeared and this log is there

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014
Ran by Jára (administrator) on GOGOTEAM-E93E1D on 10-02-2014 20:58:21
Running from C:\Documents and Settings\Jára\Dokumenty\Downloads
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(PC Tools) C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Alcor Micro, Corp.) C:\Program Files\Multimedia Card Reader\shwicon2k.exe
(Motive Communications, Inc.) C:\Program Files\TO2SSM\McciTrayApp.exe
(Apple Inc.) C:\Program Files\QuickTime\qttask.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
(Spotify Ltd) C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\OneClick.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TUDefragBackend32.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Sunkist2k] - C:\Program Files\Multimedia Card Reader\shwicon2k.exe [135168 2004-08-06] (Alcor Micro, Corp.)
HKLM\...\Run: [TO2SSM_McciTrayApp] - C:\Program Files\TO2SSM\McciTrayApp.exe [1473536 2008-08-15] (Motive Communications, Inc.)
HKLM\...\Run: [CmPCIaudio] - RunDll32 CMICNFG3.cpl,CMICtrlWnd
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [413696 2009-05-26] (Apple Inc.)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-03] (Google Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Google Update] - C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-03-30] (Google Inc.)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify] - C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe [5951488 2014-01-12] (Spotify Ltd)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\Run: [Spotify Web Helper] - C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-12] (Spotify Ltd)
HKU\S-1-5-21-73586283-813497703-839522115-1003\...\MountPoints2: {21311720-4df2-11de-8359-00b0d0ed8685} - I:\RECYCLER.exe O:\
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
URLSearchHook: HKCU - (No Name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

Chrome:
=======
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Chrome NaCl) - C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\WINDOWS\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\WINDOWS\system32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R3 cmuda3; C:\WINDOWS\System32\drivers\cmudax3.sys [1512960 2009-03-18] (C-Media Inc)
R3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation)
R3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel(R) Corporation)
S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel(R) Corporation)
S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel(R) Corporation)
S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel(R) Corporation)
S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel(R) Corporation)
S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel(R) Corporation)
S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel(R) Corporation)
S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel(R) Corporation)
S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel(R) Corporation)
S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel(R) Corporation)
S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel(R) Corporation)
S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel(R) Corporation)
S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel(R) Corporation)
S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel(R) Corporation)
S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel(R) Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA))
R1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46592 2008-04-14] (Microsoft Corporation)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SunkFilt62; C:\WINDOWS\System32\Drivers\sunkfilt62.sys [46536 2004-07-23] (Alcor Micro, Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SunkFilt6; \??\C:\WINDOWS\System32\Drivers\sunkfilt6.sys [X]
S3 Sunkfiltp; \??\C:\WINDOWS\System32\Drivers\sunkfiltp.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-10 20:58 - 2014-02-10 20:58 - 00000000 ____D () C:\FRST
2014-02-08 11:17 - 2014-02-08 11:17 - 00000000 __SHD () C:\FOUND.004
2014-01-25 11:47 - 2014-01-25 11:47 - 00000000 __SHD () C:\FOUND.003
2014-01-16 06:39 - 2014-01-16 06:39 - 00004366 _____ () C:\WINDOWS\KB2914368.log
2014-01-16 06:39 - 2014-01-16 06:39 - 00000000 ___HD () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-12 15:16 - 2014-01-12 15:16 - 00000000 ____D () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Spotify
2014-01-12 15:15 - 2014-01-12 15:15 - 00001734 _____ () C:\Documents and Settings\Jára\Nabídka Start\Programy\Spotify.lnk
2014-01-12 15:15 - 2014-01-12 15:15 - 00001728 _____ () C:\Documents and Settings\Jára\Plocha\Spotify.lnk
2014-01-12 15:14 - 2014-01-12 15:14 - 00000000 ____D () C:\Documents and Settings\Jára\Data aplikací\Spotify

==================== One Month Modified Files and Folders =======

2014-02-10 20:58 - 2014-02-10 20:58 - 00000000 ____D () C:\FRST
2014-02-10 20:42 - 2012-02-08 19:00 - 00006364 _____ () C:\WINDOWS\system32\AppLog.log
2014-02-10 20:42 - 2012-02-08 17:28 - 00000272 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2014-02-10 20:34 - 2010-12-03 17:41 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 20:16 - 2012-04-18 12:58 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-10 15:07 - 2012-11-15 17:47 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-02-10 13:09 - 2010-12-03 17:41 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 13:09 - 2010-01-05 16:14 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2014-02-10 11:56 - 2009-05-16 13:48 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-10 11:56 - 2009-05-16 13:18 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-10 11:55 - 2001-10-25 12:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-09 21:19 - 2013-07-24 10:51 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
2014-02-09 21:19 - 2009-05-16 13:54 - 00000272 ___SH () C:\Documents and Settings\Jára\ntuser.ini
2014-02-09 21:19 - 2009-05-16 13:48 - 00032558 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-09 21:19 - 2009-05-16 13:18 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-02-09 21:17 - 2009-05-16 13:32 - 01441674 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-09 11:28 - 2011-08-10 11:23 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job
2014-02-08 11:17 - 2014-02-08 11:17 - 00000000 __SHD () C:\FOUND.004
2014-02-05 20:16 - 2012-04-18 12:58 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 20:16 - 2011-10-04 18:31 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-01-25 11:47 - 2014-01-25 11:47 - 00000000 __SHD () C:\FOUND.003
2014-01-24 15:07 - 2011-01-11 20:16 - 00001604 _____ () C:\Documents and Settings\All Users\Plocha\avast! Free Antivirus.lnk
2014-01-24 15:07 - 2009-05-16 13:34 - 00002504 _____ () C:\WINDOWS\system32\CONFIG.NT
2014-01-21 13:12 - 2013-07-28 00:34 - 00007830 _____ () C:\WINDOWS\wmsetup.log
2014-01-16 06:40 - 2010-03-12 11:07 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 06:39 - 2014-01-16 06:39 - 00004366 _____ () C:\WINDOWS\KB2914368.log
2014-01-16 06:39 - 2014-01-16 06:39 - 00000000 ___HD () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-16 06:39 - 2013-07-11 10:20 - 00228482 _____ () C:\WINDOWS\iis6.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00095914 _____ () C:\WINDOWS\tsoc.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00070472 _____ () C:\WINDOWS\comsetup.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00066156 _____ () C:\WINDOWS\msmqinst.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00042703 _____ () C:\WINDOWS\ntdtcsetup.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00036822 _____ () C:\WINDOWS\netfxocm.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00014450 _____ () C:\WINDOWS\MedCtrOC.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00013124 _____ () C:\WINDOWS\ocmsn.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00010574 _____ () C:\WINDOWS\tabletoc.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00010506 _____ () C:\WINDOWS\msgsocm.log
2014-01-16 06:39 - 2013-07-11 10:20 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-01-16 06:39 - 2013-07-11 10:19 - 00210221 _____ () C:\WINDOWS\FaxSetup.log
2014-01-16 06:39 - 2013-07-11 10:19 - 00100504 _____ () C:\WINDOWS\ocgen.log
2014-01-12 15:16 - 2014-01-12 15:16 - 00000000 ____D () C:\Documents and Settings\Jára\Local Settings\Data aplikací\Spotify
2014-01-12 15:15 - 2014-01-12 15:15 - 00001734 _____ () C:\Documents and Settings\Jára\Nabídka Start\Programy\Spotify.lnk
2014-01-12 15:15 - 2014-01-12 15:15 - 00001728 _____ () C:\Documents and Settings\Jára\Plocha\Spotify.lnk
2014-01-12 15:14 - 2014-01-12 15:14 - 00000000 ____D () C:\Documents and Settings\Jára\Data aplikací\Spotify

Files to move or delete:
====================
C:\Documents and Settings\QIP\unins000.dat
C:\Documents and Settings\QIP\unins000.exe
C:\Documents and Settings\QIP\qip.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\WINDOWS\system32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\WINDOWS\system32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\WINDOWS\system32\services.exe
[2004-08-17 14:49] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\WINDOWS\system32\User32.dll
[2004-08-17 14:49] - [2008-04-14 04:22] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\WINDOWS\system32\userinit.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-17 14:44] - [2008-04-14 03:12] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Re: Frozen computer... bar

Posted: 15 Feb 2014 08:16
by vyosek
Download OTL from http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you are using a 64-bit OS, check whether the Pro 64 bitové OS (For 64-bit OS) box is ticked; if not, tick it
  • Tick the Pro vsechny uzivatele (For all users) box
  • Tick the Kontrola na havet "LOP" box (the "LOP" malware check)
  • Tick the Kontrola na havet "Purity" box (the "Purity" malware check)
  • Change the file age (Stari souboru) from 30 days to 7 days
  • Paste the script below into the bottom box, Vlastni skenovani/opravy (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the Prohledat (Scan) button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both of them here
  • If the logs are long (the forum will complain that the maximum number of characters has been exceeded), split them across several posts

Re: Frozen computer... bar

Posted: 16 Feb 2014 20:47
by spok
OTL logfile created on: 16.2.2014 20:18:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jára\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,22 Mb Total Physical Memory | 248,84 Mb Available Physical Memory | 48,77% Memory free
865,20 Mb Paging File | 468,91 Mb Available in Paging File | 54,20% Paging File free
Paging file location(s): C:\pagefile.sys 384 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,30 Gb Total Space | 0,35 Gb Free Space | 3,75% Space Free | Partition Type: FAT32

Computer Name: GOGOTEAM-E93E1D | User Name: Jára | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.02.16 20:08:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jára\Plocha\OTL.exe
PRC - [2011.08.06 04:21:28 | 001,017,912 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.06 04:21:26 | 004,118,072 | ---- | M] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011.08.06 04:21:26 | 000,400,440 | ---- | M] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\ppgooglenaclpluginchrome.dll
MOD - [2011.08.06 04:20:18 | 000,327,736 | ---- | M] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\Locales\cs.dll
MOD - [2011.08.06 04:20:00 | 000,104,520 | ---- | M] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011.08.06 04:19:58 | 000,203,848 | ---- | M] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011.08.06 04:19:56 | 001,846,344 | ---- | M] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Chrome\Application\13.0.782.112\avcodec-52.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Unknown] -- -- (MSDTC)
SRV - File not found [Disabled | Unknown] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2014.02.05 20:17:00 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Unknown] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Unknown] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.01.31 11:35:50 | 001,724,192 | ---- | M] (TuneUp Software) [Auto | Unknown] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2013.01.31 11:35:48 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Unknown] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.01.04 22:24:50 | 000,793,048 | ---- | M] (PC Tools) [Auto | Unknown] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2008.04.14 04:22:06 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys -- (SunkFilt6)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
DRV - [2013.06.28 10:19:26 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Unknown] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.06.28 10:19:26 | 000,175,176 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.06.28 10:19:26 | 000,000,175 | ---- | M] () [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswSP.sys.sum -- (aswSP)
DRV - [2013.05.09 10:59:10 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.05.09 10:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.05.09 10:59:10 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Unknown] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.05.09 10:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Unknown] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.05.09 10:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Unknown] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.09.19 09:50:50 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Unknown] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.03.25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.03.18 11:34:44 | 001,512,960 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\cmudax3.sys -- (cmuda3)
DRV - [2008.04.14 04:22:06 | 000,088,576 | ---- | M] (Microsoft Corporation) [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\system32\wbem\wmiaprpl.dll -- (WmiApRpl)
DRV - [2008.03.29 11:20:56 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS -- (MREMP50)
DRV - [2008.03.29 11:20:56 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS -- (MRESP50)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139)
DRV - [2004.08.03 22:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys -- (iAimFP4)
DRV - [2004.08.03 22:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys -- (iAimFP3)
DRV - [2004.08.03 22:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wATV10nt.sys -- (iAimTV5)
DRV - [2004.08.03 22:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys -- (iAimTV4)
DRV - [2004.08.03 22:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wATV06nt.sys -- (iAimTV6)
DRV - [2004.08.03 22:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wATV04nt.sys -- (iAimTV3)
DRV - [2004.08.03 22:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wATV02NT.sys -- (iAimTV1)
DRV - [2004.08.03 22:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wATV01nt.sys -- (iAimTV0)
DRV - [2004.08.03 22:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wADV09nt.sys -- (iAimFP7)
DRV - [2004.08.03 22:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wADV07nt.sys -- (iAimFP5)
DRV - [2004.08.03 22:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wADV08nt.sys -- (iAimFP6)
DRV - [2004.08.03 22:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2004.08.03 22:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wADV01nt.sys -- (iAimFP0)
DRV - [2004.08.03 22:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wADV02NT.sys -- (iAimFP1)
DRV - [2004.08.03 22:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\wADV05NT.sys -- (iAimFP2)
DRV - [2004.07.23 14:55:50 | 000,046,536 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\sunkfilt62.sys -- (SunkFilt62)
DRV - [2001.08.17 20:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\DRIVERS\el90xbc5.sys -- (EL90XBC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... FA_csCZ408
IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Jára\Local Settings\Data aplikací\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012.11.15 17:44:12 | 000,000,000 | ---D | M]

[2013.10.18 23:03:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.10.18 23:03:32 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2013.10.18 23:03:28 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
[2013.10.18 23:03:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.10.18 23:03:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.26 22:48:10 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome NaCl (Disabled) = C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\J\u00E1ra\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\13.0.782.112\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2014.02.13 16:38:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe (Motive Communications, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-813497703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C11D9701-9127-4232-975F-B2163A7BECFC}: DhcpNameServer = 10.0.0.138
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.16 13:34:44 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\Shell\AutoRun\command - "" = I:\RECYCLER.exe O:\
O33 - MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\Shell\Explore\command - "" = I:\RECYCLER.exe O:\
O33 - MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\Shell\Open\command - "" = I:\RECYCLER.exe O:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
System Restore Service not available.

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 7 Days ==========

[2014.02.16 20:08:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jára\Plocha\OTL.exe
[2014.02.10 20:58:07 | 000,000,000 | ---D | C] -- C:\FRST
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2014.02.16 20:08:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jára\Plocha\OTL.exe
[2014.02.16 11:28:02 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job
[2014.02.16 10:55:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.02.16 10:55:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.02.16 10:55:32 | 535,072,768 | -HS- | M] () -- C:\hiberfil.sys
[2014.02.14 11:13:34 | 000,432,778 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2014.02.14 11:13:34 | 000,429,166 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2014.02.14 11:13:34 | 000,078,272 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2014.02.14 11:13:34 | 000,067,734 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2014.02.14 10:47:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2014.02.11 20:58:12 | 000,000,549 | ---- | M] () -- C:\Documents and Settings\Jára\Plocha\RegCleaner.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.02.11 20:58:07 | 000,000,549 | ---- | C] () -- C:\Documents and Settings\Jára\Plocha\RegCleaner.lnk
[2013.06.28 10:19:28 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.06.26 19:17:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.06.26 19:17:17 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.03.19 18:20:22 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.19 18:20:21 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.11.16 19:21:50 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010.01.01 18:32:36 | 000,010,500 | ---- | C] () -- C:\Documents and Settings\Jára\Data aplikací\mdbu.bin
[2009.06.14 16:44:22 | 000,052,224 | ---- | C] () -- C:\Documents and Settings\Jára\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2013.06.17 22:56:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:56 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:56:06 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.05.17 19:30:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ScanSoft
[2009.07.18 20:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\iolo
[2010.01.01 18:20:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\HappyFoto
[2010.03.13 21:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Boss Media
[2010.08.08 18:06:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2011.01.11 20:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
[2012.01.19 21:03:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\boost_interprocess
[2012.02.08 17:26:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2013.07.24 10:41:02 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.07.24 10:41:04 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.07.24 10:42:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
[2013.07.24 11:14:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MGS
[2009.07.18 20:39:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\iolo
[2013.07.24 10:57:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\TuneUp Software
[2009.05.17 19:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Canon
[2009.05.31 16:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\BSplayer Pro
[2009.07.18 20:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\iolo
[2009.08.26 20:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\pdfforge
[2009.08.26 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Search Settings
[2009.10.22 21:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Happy Foto
[2009.11.29 14:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\GARMIN
[2010.08.08 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\ICQ
[2012.02.08 19:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Registry Mechanic
[2013.07.24 10:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\OpenCandy
[2013.07.24 10:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\TuneUp Software
[2014.01.12 15:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Spotify

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.05.16 13:31:04 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.05.16 13:48:37 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2011.08.10 11:23:36 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job

< >

< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.03.14 12:00:50 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.03.14 12:00:50 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 04:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe

< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.03.14 12:00:50 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2011.03.14 12:00:50 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.03.14 12:00:50 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2011.03.14 12:00:50 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 19:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 19:31:28 | 000,081,152 | ---- | M] (Microsoft Corporation) MD5=C4BA879B581BE34536FE01F79AC28631 -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: SCECLI.DLL >
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 12:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 12:25:58 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 04:22:46 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\ServicePackFiles\i386\services.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 04:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 04:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:22:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\a8ce4e6bedbaaf983743e1ce94354752\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a8ce4e6bedbaaf983743e1ce94354752\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009.05.16 13:13:30 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Jára\Data aplikací\Microsoft
[2009.05.16 13:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Identities
[2009.05.16 16:12:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Macromedia
[2009.05.16 16:14:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Motive
[2009.05.16 21:42:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Mozilla
[2009.05.17 19:34:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Canon
[2009.05.17 19:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Adobe
[2009.05.31 16:28:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\BSplayer Pro
[2009.06.13 15:48:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Apple Computer
[2009.07.18 20:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\iolo
[2009.08.26 20:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\pdfforge
[2009.08.26 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Search Settings
[2009.10.22 21:59:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Happy Foto
[2009.11.29 14:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\GARMIN
[2009.12.27 12:13:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Sun
[2010.08.08 18:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\ICQ
[2010.12.03 17:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Google
[2011.03.25 19:09:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Skype
[2011.03.25 19:19:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\skypePM
[2011.05.01 11:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Mozilla-Cache
[2012.02.08 19:01:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Registry Mechanic
[2013.07.24 10:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\OpenCandy
[2013.07.24 10:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Winamp
[2013.07.24 10:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\TuneUp Software
[2014.01.12 15:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Spotify

< %APPDATA%\*.exe /s >
[2009.02.11 19:00:00 | 007,853,352 | ---- | M] (iolo technologies, LLC ) -- C:\Documents and Settings\Jára\Data aplikací\iolo\Installers\SearchAndRecover.exe
[2013.04.02 15:27:54 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Jára\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2013.02.15 21:26:08 | 027,905,968 | ---- | M] (TuneUp Software) -- C:\Documents and Settings\Jára\Data aplikací\OpenCandy\78EA520207F74163B80BFA78328A1A7A\TuneUpUtilities2013-2200329_cs-CZ.exe
[2014.01.12 15:15:36 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Jára\Data aplikací\Spotify\SpotifyLauncher.exe
[2014.01.12 15:15:38 | 005,951,488 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe
[2014.01.12 15:15:26 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
[2014.01.12 15:15:26 | 000,610,304 | ---- | M] () -- C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyHelper.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014.02.16 11:28:02 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2009.05.16 13:12:14 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2009.05.16 13:12:14 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.05.16 13:12:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.02.16 10:55:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2014.02.14 11:13:34 | 000,067,734 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2014.02.14 11:13:34 | 000,432,778 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2014.02.14 11:13:34 | 000,078,272 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2014.02.14 11:13:34 | 000,429,166 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2014.02.14 10:51:44 | 085,946,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MRT.exe
[2014.02.14 11:13:34 | 000,978,870 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 04:22:18 | 000,015,360 | ---- | M] (Microsoft Corporation)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.12.03 17:41:02 | 000,039,408 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >
[2013.07.24 11:33:04 | 000,001,197 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\MGS\cache\c\crackerjack1.a8040f4e64fd6b965ca1deaf58776a8c.inf

< *keygen* /s >

< *loader* /s >
[2013.07.24 11:28:28 | 000,021,364 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\MGS\cache\i\icon_reloader.f2cfe662226abfd8c32674e726165f47.png
[2013.07.24 11:28:38 | 000,003,916 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\MGS\cache\i\icon_reloader_sml.0d2837f460a0b8a35cf50dda6fae7d7e.png
[2013.07.24 11:19:56 | 000,000,305 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\MGS\cache\l\lobby_loader.6216dae748b24fc9c595db78b2b0c194.inf
[2013.07.24 11:20:10 | 000,004,554 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\MGS\cache\l\lobby_loader.6f978e858297c4628fa6d767f5f57512.inf
[2014.02.16 00:22:00 | 000,008,581 | ---- | M] () -- \Documents and Settings\Jára\Local Settings\Temporary Internet Files\Content.IE5\8UWNHQNV\bx_loader[1].gif
[2008.04.13 19:31:48 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.14 04:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 19:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 04:21:40 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2010.10.22 12:43:22 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr

< End of report >

Re: Frozen computer... bar

Posted: 16 Feb 2014 20:51
by spok
OTL Extras logfile created on: 16.2.2014 20:18:03 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Jára\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

510,22 Mb Total Physical Memory | 248,84 Mb Available Physical Memory | 48,77% Memory free
865,20 Mb Paging File | 468,91 Mb Available in Paging File | 54,20% Paging File free
Paging file location(s): C:\pagefile.sys 384 1024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 9,30 Gb Total Space | 0,35 Gb Free Space | 3,75% Space Free | Partition Type: FAT32

Computer Name: GOGOTEAM-E93E1D | User Name: Jára | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Casino\ParadiseCasino\CASINO.EXE" = C:\Casino\ParadiseCasino\CASINO.EXE:*:Enabled:CASINO
"C:\WINDOWS\System32\RUNDLL32.EXE" = C:\WINDOWS\System32\RUNDLL32.EXE:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\CardCasino.com\pokerclient\CardCasino.com.exe" = C:\Program Files\CardCasino.com\pokerclient\CardCasino.com.exe:*:Enabled:Poker Client Software
"C:\Documents and Settings\Jára\Local Settings\Temp\DSOClient\dlcache\app.n3app" = C:\Documents and Settings\Jára\Local Settings\Temp\DSOClient\dlcache\app.n3app:*:Enabled:Drakensang Online
"C:\Program Files\CardCasino\PokerClient.exe" = C:\Program Files\CardCasino\PokerClient.exe:*:Enabled:CardCasino
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe" = C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03A9B644-06C0-3A4F-9897-FA54F21268AD}" = Microsoft .NET Framework 3.5 Client Profile - Language Pack (CSY)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4E5A1C9E-2E32-3ECA-B497-0DBB4075376D}" = Microsoft .NET Framework 3.0 Client Profile - Language Pack (CSY)
"{4EF8BE6A-899C-4196-94E7-297C5F7A203E}" = pdfforge Toolbar v1.1.1
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{92110405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{9888BA71-C935-35DB-BC00-85920F091D98}" = Microsoft .NET Framework 2.0 Client Service Pack 2 - Language Pack (CSY)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A92000000001}" = Adobe Reader 9.2 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E0363CCC-3535-4BAA-9F2C-200F548675D6}" = TuneUp Utilities Language Pack (cs-CZ)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"C-Media PCI Sound" = C-Media PCI Audio Device
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Drakensang Online" = Drakensang Online
"ie8" = Windows Internet Explorer 8
"InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft.Net.Client.3.5" = Microsoft .NET Framework Client Profile
"Microsoft.Net.Client.3.5.LangPack.csy" = Microsoft .NET Framework Client Profile – jazyková sada – CSY
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"Spotify" = Spotify
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >

Re: Frozen computer... bar

Posted: 17 Feb 2014 15:20
by vyosek
Run OTL again
  • If you are using Windows Vista or Windows 7, right-click OTL and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastní skenování/opravy)
  • Code:

    :otl
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys -- (SunkFilt6)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Unknown] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Unknown] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
    DRV - File not found [Kernel | System | Unknown] -- -- (lbrtfdc)
    DRV - File not found [Kernel | System | Unknown] -- -- (i2omgmt)
    DRV - File not found [Kernel | System | Unknown] -- -- (Changer)
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_csCZ408
    [2013.10.18 23:03:32 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
    [2013.10.18 23:03:28 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
    O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll (Spigot, Inc.)
    O3 - HKU\S-1-5-21-73586283-813497703-839522115-1003\..\Toolbar\ShellBrowser: (no name) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No CLSID value found.
    O33 - MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\Shell\AutoRun\command - "" = I:\RECYCLER.exe O:\
    O33 - MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\Shell\Explore\command - "" = I:\RECYCLER.exe O:\
    O33 - MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\Shell\Open\command - "" = I:\RECYCLER.exe O:\
    [2013.07.24 10:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\OpenCandy
    [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
    [29 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
    [1 C:\WINDOWS\SoftwareDistribution\Download\a8ce4e6bedbaaf983743e1ce94354752\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\a8ce4e6bedbaaf983743e1ce94354752\*.tmp -> ]
    [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
    [2009.08.26 20:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Jára\Data aplikací\Search Settings
    [2009.02.11 19:00:00 | 007,853,352 | ---- | M] (iolo technologies, LLC ) -- C:\Documents and Settings\Jára\Data aplikací\iolo\Installers\SearchAndRecover.exe
    [2013.04.02 15:27:54 | 000,054,776 | ---- | M] (Adobe Systems Inc.) -- C:\Documents and Settings\Jára\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
    [2013.02.15 21:26:08 | 027,905,968 | ---- | M] (TuneUp Software) -- C:\Documents and Settings\Jára\Data aplikací\OpenCandy\78EA520207F74163B80BFA78328A1A7A\TuneUpUtilities2013-2200329_cs-CZ.exe
    [2014.01.12 15:15:36 | 000,062,464 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Jára\Data aplikací\Spotify\SpotifyLauncher.exe
    [2014.01.12 15:15:38 | 005,951,488 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe
    [2014.01.12 15:15:26 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe
    [2014.01.12 15:15:26 | 000,610,304 | ---- | M] () -- C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyHelper.exe
    [2014.02.16 11:28:02 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Run Fix (Opravit)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here

Re: Frozen computer... bar

Posted: 17 Feb 2014 20:11
by spok
All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service Sunkfiltp stopped successfully!
Service Sunkfiltp deleted successfully!
File C:\WINDOWS\System32\Drivers\sunkfiltp.sys not found.
Service SunkFilt6 stopped successfully!
Service SunkFilt6 deleted successfully!
File C:\WINDOWS\System32\Drivers\sunkfilt6.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service MRESP50a64 stopped successfully!
Service MRESP50a64 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS not found.
Service MRENDIS5 stopped successfully!
Service MRENDIS5 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS not found.
Service MREMPR5 stopped successfully!
Service MREMPR5 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS not found.
Service MREMP50a64 stopped successfully!
Service MREMP50a64 deleted successfully!
File C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry value HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\skin folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale\EN-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\COMPONENTS folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome\LOCALE\EN-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome\LOCALE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome\CONTENT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome\skin folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-73586283-813497703-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21311720-4df2-11de-8359-00b0d0ed8685}\ not found.
File I:\RECYCLER.exe O:\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21311720-4df2-11de-8359-00b0d0ed8685}\ not found.
File I:\RECYCLER.exe O:\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21311720-4df2-11de-8359-00b0d0ed8685}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21311720-4df2-11de-8359-00b0d0ed8685}\ not found.
File I:\RECYCLER.exe O:\ not found.
C:\Documents and Settings\Jára\Data aplikací\OpenCandy\78EA520207F74163B80BFA78328A1A7A folder moved successfully.
C:\Documents and Settings\Jára\Data aplikací\OpenCandy\OpenCandy_78EA520207F74163B80BFA78328A1A7A folder moved successfully.
C:\Documents and Settings\Jára\Data aplikací\OpenCandy folder moved successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\002678_.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1DF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2BE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CA.tmp\System.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CA.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3DB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP402.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4EC.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5CB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP605.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP605.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP62F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP70B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7B9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7BE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B2.tmp\mscorlib.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3B2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP493.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP34.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP156.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP244.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP295.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp\System.Design.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP150.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP136.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP219.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22D.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10E.tmp\System.Net.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30E.tmp\jsc.exe deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP30E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP64.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI199.tmp deleted successfully.
C:\WINDOWS\Installer\MSI1AE.tmp deleted successfully.
C:\WINDOWS\Installer\MSI74F.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\a8ce4e6bedbaaf983743e1ce94354752\BIT3D3.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\Documents and Settings\Jára\Data aplikací\Search Settings\kb128\temp folder moved successfully.
C:\Documents and Settings\Jára\Data aplikací\Search Settings\kb128 folder moved successfully.
C:\Documents and Settings\Jára\Data aplikací\Search Settings folder moved successfully.
C:\Documents and Settings\Jára\Data aplikací\iolo\Installers\SearchAndRecover.exe moved successfully.
C:\Documents and Settings\Jára\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe moved successfully.
File C:\Documents and Settings\Jára\Data aplikací\OpenCandy\78EA520207F74163B80BFA78328A1A7A\TuneUpUtilities2013-2200329_cs-CZ.exe not found.
C:\Documents and Settings\Jára\Data aplikací\Spotify\SpotifyLauncher.exe moved successfully.
C:\Documents and Settings\Jára\Data aplikací\Spotify\spotify.exe moved successfully.
C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyWebHelper.exe moved successfully.
C:\Documents and Settings\Jára\Data aplikací\Spotify\Data\SpotifyHelper.exe moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-813497703-839522115-1003Core1cc573f2ea84ef0.job moved successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes

User: All Users

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1344914 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 34001 bytes

User: Jára
->Temp folder emptied: 100954 bytes
->Temporary Internet Files folder emptied: 17329896 bytes
->Java cache emptied: 13697078 bytes
->Google Chrome cache emptied: 109791764 bytes
->Flash cache emptied: 12477 bytes

User: QIP

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22837 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 280374664 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1764334 bytes

Total Files Cleaned = 405,00 mb


[EMPTYFLASH]

User: Default User
->Flash cache emptied: 0 bytes

User: All Users

User: NetworkService

User: LocalService

User: Jára
->Flash cache emptied: 0 bytes

User: QIP

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Default User

User: All Users

User: NetworkService

User: LocalService

User: Jára
->Java cache emptied: 0 bytes

User: QIP

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02172014_200200

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\_asw_aisI.tm~a03852\setup.lok not found!
File\Folder C:\WINDOWS\temp\_avast_\Webshlock.txt not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Stuck computer... bar

Posted: 17 Feb 2014 21:22
by vyosek
How is the PC behaving??

Re: Stuck computer... bar

Posted: 17 Feb 2014 22:33
by spok
It's better. Thanks for the help. Everything runs faster,
but we'll probably replace it anyway. It's no miracle :)

Re: Stuck computer... bar

Posted: 18 Feb 2014 08:12
by vyosek
So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use

:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|