Prosím kontrola logu

[Northend]

Zdravím,
přítelkyně odjela do Paříže tak jsem dostal svolení vyčistit s vaší pomocí její notebook.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2014 01
Ran by martina (administrator) on MARTINA-NOTAS on 14-08-2014 20:19:52
Running from C:\Documents and Settings\martina\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Google) C:\Program Files\Google\Google Talk\googletalk.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(VŠB-TU Ostrava) C:\Program Files\SafeQ\SafeQ_cli.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(C-Dilla Ltd) C:\WINDOWS\system32\drivers\CDANTSRV.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
(Macrovision Corporation) C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
(Macrovision Corporation) C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\SCIA\crack\Flexlm\Scia.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\ntvdm.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\martina\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-10-27] (Google Inc.)
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {22aedc18-6290-11e0-b980-00248167d4db} - I:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {3528fea7-0409-11df-b71c-00248167d4db} - G:\Toshiba\Launcher\start.exe
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {41af6ca6-61bd-11e0-b97f-000000000000} - I:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {a7f144fc-cf10-11df-b84f-00248167d4db} - H:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: Správa překryvné ikony digitálních podpisů AutoCADu -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/sear ... earchTerms}
SearchScopes: HKCU - {4F11ACBB-393F-4c86-A214-FF3D0D155CC3} URL = http://search.burn4free-toolbar.com/sea ... arch-field
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4b3d2cf0 ... te=us&nt=1
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.136

FireFox:
========
FF ProfilePath: C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\martina\Data aplikací\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\martina\Data aplikací\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Speed Dial - C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-03-06]
FF Extension: Adblock Plus - C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-22]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-04-11]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR StartupUrls: "chrome://newtab/"
CHR Extension: (HD for YouTube™) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-01-16]
CHR Extension: (Angry Birds) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-12-10]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-10]
CHR Extension: (Disk Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-10]
CHR Extension: (YouTube) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-10]
CHR Extension: (Bounceball) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bnonnffemhpfblohaicmfmofbfaaoobf [2013-12-10]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-10]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-10]
CHR Extension: (Balloono) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fmggmlpijnjmhdekfigfbkookpdfodhf [2013-12-10]
CHR Extension: (Mail Checker Plus for Google Mail™) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe [2013-12-10]
CHR Extension: (Grass) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2013-12-10]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-10]
CHR Extension: (Short url using official goo.gl api) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\phncbknmjfhhegegchdflhepkoibbbie [2013-12-10]
CHR Extension: (Gmail) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-10]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [32256 2001-04-06] (C-Dilla Ltd) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-09-27] (Flexera Software, Inc.)
S2 gupdate1ca411a4416cfc2; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-29] (Google Inc.)
R2 Nexis 3.5 license server - dT 2004; C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe [974848 2008-04-02] (Macrovision Corporation) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [560528 2013-12-13] (Cisco Systems, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\WINDOWS\System32\DRIVERS\acsint.sys [40304 2013-12-13] (Cisco Systems, Inc.)
S3 acsmux; C:\WINDOWS\System32\DRIVERS\acsmux.sys [58736 2013-12-13] (Cisco Systems, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [165376 2012-02-29] () [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AvgLdx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AvgMfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [74688 2008-04-03] (Broadcom Corporation.)
S3 C-Dilla; C:\WINDOWS\system32\drivers\CDANT.SYS [56592 2001-04-06] (Macrovision) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 eabfiltr; C:\WINDOWS\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\WINDOWS\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 hwusbfake; C:\WINDOWS\System32\DRIVERS\ewusbfake.sys [100480 2009-07-23] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2012-02-29] () [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3626112 2008-04-28] (Intel Corporation)
S3 SCR3XX2K; C:\WINDOWS\System32\DRIVERS\SCR3XX2K.sys [56448 2007-06-21] (SCM Microsystems Inc.)
R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1804160 2008-04-10] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2009-12-12] () [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [296320 2008-04-04] (Marvell)
U3 ajbbjfed; C:\WINDOWS\system32\Drivers\ajbbjfed.sys [0 ] (Microsoft Corporation)
S2 adfs; No ImagePath
U2 CertPropSvc;
S4 IntelIde; No ImagePath
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS
S3 SNPSTD3; system32\DRIVERS\snpstd3.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 20:19 - 2014-08-14 20:20 - 00021268 _____ () C:\Documents and Settings\martina\Plocha\FRST.txt
2014-08-14 20:19 - 2014-08-14 20:19 - 00000000 ____D () C:\FRST
2014-08-14 20:17 - 2014-08-14 20:17 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\martina\Plocha\FRSTLauncher.exe
2014-08-14 20:16 - 2014-08-14 20:16 - 01092096 _____ (Farbar) C:\Documents and Settings\martina\Plocha\FRST.exe
2014-08-14 20:06 - 2014-08-14 20:06 - 00000788 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
2014-08-14 20:06 - 2014-08-14 20:06 - 00000290 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
2014-08-14 20:05 - 2014-08-14 20:05 - 00083942 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
2014-08-14 20:05 - 2014-08-14 20:05 - 00001710 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
2014-08-14 19:55 - 2014-08-14 19:55 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-07 19:18 - 2014-08-07 21:11 - 00004383 _____ () C:\Documents and Settings\martina\Plocha\PAŘÍŽ.txt
2014-08-06 15:37 - 2014-08-06 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-25 16:50 - 2014-07-25 15:47 - 08143775 _____ () C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
2014-07-19 21:35 - 2014-07-19 21:37 - 00000000 ____D () C:\Documents and Settings\martina\Plocha\mpp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 20:20 - 2014-08-14 20:19 - 00021268 _____ () C:\Documents and Settings\martina\Plocha\FRST.txt
2014-08-14 20:20 - 2009-08-29 10:23 - 00000000 ____D () C:\Documents and Settings\martina\Local Settings\Temp
2014-08-14 20:19 - 2014-08-14 20:19 - 00000000 ____D () C:\FRST
2014-08-14 20:19 - 2009-08-29 10:23 - 00000000 ___HD () C:\Documents and Settings\martina\Local Settings\Data aplikací
2014-08-14 20:19 - 2009-08-29 10:23 - 00000000 ____D () C:\Documents and Settings\martina\Plocha
2014-08-14 20:17 - 2014-08-14 20:17 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\martina\Plocha\FRSTLauncher.exe
2014-08-14 20:16 - 2014-08-14 20:16 - 01092096 _____ (Farbar) C:\Documents and Settings\martina\Plocha\FRST.exe
2014-08-14 20:13 - 2009-09-29 17:34 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\Skype
2014-08-14 20:13 - 2009-08-29 10:23 - 00000000 ___RD () C:\Documents and Settings\martina\Nabídka Start\Programy
2014-08-14 20:13 - 2009-08-29 10:23 - 00000000 ____D () C:\Documents and Settings\martina
2014-08-14 20:06 - 2014-08-14 20:06 - 00000788 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
2014-08-14 20:06 - 2014-08-14 20:06 - 00000290 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
2014-08-14 20:06 - 2009-08-29 10:23 - 00000000 ___RD () C:\Documents and Settings\martina\Dokumenty
2014-08-14 20:05 - 2014-08-14 20:05 - 00083942 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
2014-08-14 20:05 - 2014-08-14 20:05 - 00001710 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
2014-08-14 20:01 - 2011-12-13 14:39 - 00000000 ____D () C:\Documents and Settings\martina\Local Settings\Data aplikací\Deployment
2014-08-14 20:00 - 2011-04-06 16:32 - 00000000 ____D () C:\Program Files\Yawcam
2014-08-14 20:00 - 2009-08-29 12:08 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-08-14 20:00 - 2009-08-29 12:08 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-08-14 20:00 - 2009-08-29 12:01 - 00000000 ____D () C:\WINDOWS\twain_32
2014-08-14 20:00 - 2009-08-29 10:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-14 20:00 - 2006-03-02 14:00 - 00001115 _____ () C:\WINDOWS\win.ini
2014-08-14 19:59 - 2012-12-18 22:09 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\KB Piano
2014-08-14 19:59 - 2009-08-29 12:10 - 00000325 ____N () C:\WINDOWS\wiadebug.log
2014-08-14 19:58 - 2013-12-10 17:16 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-08-14 19:58 - 2012-11-17 13:22 - 00000000 ____D () C:\NEXIS32
2014-08-14 19:58 - 2012-08-24 18:52 - 00000942 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:56 - 2009-08-29 10:30 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-14 19:56 - 2009-08-29 10:28 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-14 19:55 - 2014-08-14 19:55 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-14 19:54 - 2010-03-29 13:35 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Google
2014-08-14 19:54 - 2009-09-08 08:56 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:54 - 2009-08-29 10:22 - 00032504 ____N () C:\WINDOWS\SchedLgU.Txt
2014-08-14 19:53 - 2013-06-07 12:53 - 00000000 ____D () C:\Documents and Settings\martina\Local Settings\Data aplikací\Flvto Youtube Downloader
2014-08-14 19:49 - 2013-11-19 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Dokumenty\ArcPad
2014-08-14 19:47 - 2009-11-18 21:49 - 00000000 ____D () C:\Program Files\DivX
2014-08-14 19:46 - 2011-12-23 14:42 - 00000000 ____D () C:\Program Files\CdCoverCreator
2014-08-14 19:45 - 2011-11-07 20:12 - 00000000 ____D () C:\WINDOWS\pss
2014-08-14 19:45 - 2009-08-29 10:59 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-08-14 19:45 - 2009-08-29 10:23 - 00000000 ___RD () C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění
2014-08-14 19:39 - 2009-08-29 10:18 - 01059633 ____N () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:38 - 2013-03-26 20:19 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-08-14 19:37 - 2012-02-28 19:00 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
2014-08-14 19:35 - 2012-02-13 11:02 - 00000000 ___RD () C:\Documents and Settings\martina\Dokumenty\Dropbox
2014-08-14 19:35 - 2012-02-13 11:01 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\Dropbox
2014-08-14 19:35 - 2006-03-02 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-14 19:33 - 2009-08-29 12:10 - 00000049 ____N () C:\WINDOWS\wiaservc.log
2014-08-14 19:32 - 2014-03-27 19:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-08-14 19:32 - 2012-08-24 18:52 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:32 - 2009-08-29 10:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-11 16:00 - 2012-03-22 21:03 - 03997696 _____ () C:\WINDOWS\system32\config\ACVPN.evt
2014-08-11 16:00 - 2009-08-29 10:23 - 00000178 ___SH () C:\Documents and Settings\martina\ntuser.ini
2014-08-11 15:52 - 2012-01-28 15:58 - 00008192 ___SH () C:\WINDOWS\Thumbs.db
2014-08-10 22:00 - 2009-11-01 23:32 - 00000008 _____ () C:\debugoutput.txt
2014-08-10 19:06 - 2010-02-11 20:11 - 00395776 ___SH () C:\Documents and Settings\martina\Plocha\Thumbs.db
2014-08-10 18:57 - 2014-06-17 15:47 - 00000000 ____D () C:\Documents and Settings\martina\Plocha\PAŘÍŽ
2014-08-08 15:00 - 2014-03-27 19:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-08-07 21:11 - 2014-08-07 19:18 - 00004383 _____ () C:\Documents and Settings\martina\Plocha\PAŘÍŽ.txt
2014-08-07 18:56 - 2014-01-30 12:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-07 10:02 - 2014-04-01 11:53 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2014-08-07 10:02 - 2013-09-29 19:53 - 00000702 _____ () C:\Documents and Settings\All Users\Plocha\AVG 2014.lnk
2014-08-07 08:39 - 2013-08-15 18:21 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-07 08:37 - 2012-02-28 19:00 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
2014-08-07 08:33 - 2009-09-24 16:56 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-06 15:37 - 2014-08-06 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-06 14:37 - 2009-08-29 10:23 - 00000000 __RHD () C:\Documents and Settings\martina\Data aplikací
2014-08-06 14:36 - 2012-02-13 11:02 - 00000999 _____ () C:\Documents and Settings\martina\Plocha\Dropbox.lnk
2014-08-06 14:36 - 2012-02-13 11:01 - 00000000 ____D () C:\Documents and Settings\martina\Nabídka Start\Programy\Dropbox
2014-08-01 18:44 - 2009-09-08 09:04 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\XnView
2014-08-01 18:37 - 2009-09-22 11:31 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\vlc
2014-07-25 15:47 - 2014-07-25 16:50 - 08143775 _____ () C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
2014-07-24 18:48 - 2009-08-30 07:12 - 00132608 _____ () C:\Documents and Settings\martina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-23 22:14 - 2009-08-31 18:25 - 00000000 ___RD () C:\Documents and Settings\martina\Dokumenty\Filmy
2014-07-19 21:37 - 2014-07-19 21:35 - 00000000 ____D () C:\Documents and Settings\martina\Plocha\mpp

Some content of TEMP:
====================
C:\Documents and Settings\martina\Local Settings\Temp\6_Offer_3.exe
C:\Documents and Settings\martina\Local Settings\Temp\A~NSISu_.exe
C:\Documents and Settings\martina\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpflaol_.dll
C:\Documents and Settings\martina\Local Settings\Temp\GLB1A2B.EXE
C:\Documents and Settings\martina\Local Settings\Temp\Mobogenie_INT.exe
C:\Documents and Settings\martina\Local Settings\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:222.88 GB) (Free:50.31 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.99 GB) FAT32
Drive e: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:2.25 GB) NTFS

Available physical RAM: 847.09 MB
Total physical RAM: 1976.19 MB
Percentage of memory in use: 57%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 233 GB) (Disk ID: 80D2F3EE)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=0C)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job => C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job => C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\martina\Plocha" je 3012 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Bitmeter2.lnk
C:\DOCUME~1\martina\DOKUME~1\PROGRA~1\BitMeter\BITMET~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^martina^Nabdka Start^Programy^Po sputn^Vezy obrazovky a sputn aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"="C:\\Program Files\\Counter-Strike Source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\GetWare\\WebCam Live\\WebCam.exe"="C:\\Program Files\\GetWare\\WebCam Live\\WebCam.exe:*:Enabled:WebCam Live"
"C:\\Documents and Settings\\martina\\Data aplikac\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\martina\\Data aplikac\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Documents and Settings\\martina\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\flexlm\\nexis\\lmgrd.exe"="C:\\flexlm\\nexis\\lmgrd.exe:*:Enabled:lmgrd"
"C:\\flexlm\\nexis\\scia.exe"="C:\\flexlm\\nexis\\scia.exe:*:Enabled:scia"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\\ZunTzu.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\\ZunTzu.exe:*:Enabled:ZunTzu"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Program Files\\Codemasters\\Colin McRae Rally 2\\CMR2.exe"="C:\\Program Files\\Codemasters\\Colin McRae Rally 2\\CMR2.exe:*:Enabled:Colin McRae Rally 2"
"C:\\Program Files\\Codemasters\\Colin McRae Rally 04\\cmr4.exe"="C:\\Program Files\\Codemasters\\Colin McRae Rally 04\\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application"
"C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\\TV Online.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\\TV Online.exe:*:Enabled:TV Online"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\\TV Online.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\\TV Online.exe:*:Enabled:TV Online"
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Documents and Settings\\martina\\Plocha\\red-alert2-portable\\red-alert2-portable\\GAME.EXE"="C:\\Documents and Settings\\martina\\Plocha\\red-alert2-portable\\red-alert2-portable\\GAME.EXE:*:Enabled:Main executable for Red Alert 2"
"I:\\UnrealTournament\\System\\UnrealTournament.exe"="I:\\UnrealTournament\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe:*:Enabled:Online Shield"
"C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"="C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[Márty84]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

[Northend]

# AdwCleaner v3.305 - Report created 15/08/2014 at 10:15:14
# Updated 14/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : martina - MARTINA-NOTAS
# Running from : C:\Documents and Settings\martina\Plocha\adwcleaner_3.305.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Documents and Settings\All Users\Dokumenty\AlawarWrapper
Folder Deleted : C:\Documents and Settings\martina\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\Documents and Settings\martina\Data aplikací\Systweak
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\martina\daemonprocess.txt
File Deleted : C:\DOCUME~1\martina\LOCALS~1\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\prefs.js ]


-\\ Google Chrome v36.0.1985.143

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.tfa-czech.cz/?page=websearch&srchtext={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [6122 octets] - [15/08/2014 10:12:04]
AdwCleaner[S0].txt - [6185 octets] - [15/08/2014 10:15:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6245 octets] ##########

[Márty84]

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

[Northend]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.08.16.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
martina :: MARTINA-NOTAS [administrátor]

Ochrana: Povolena

16.8.2014 7:28:52
MBAM-log-2014-08-16 (10-32-59).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 472613
Uplynulý čas: 1 hodin, 40 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Documents and Settings\martina\Dokumenty\PROGRAMY A HRY\EA Games\The Sims 2 DVD Nemusí být Crack\Key pro všechny THE sims I datadisky\fff-ea125.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\martina\Local Settings\Temp\Mobogenie_INT.exe (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

(konec)

[Márty84]

Nalezy nechte odstranit, pak MBAM odinstalujte.


Dejte novy log z RSIT

[Northend]

je potřeba znovu nechat skoro 2 hodiny prohledávat nebo se ten log dá nějak otevřít?

[Márty84]

je potřeba znovu nechat skoro 2 hodiny prohledávat nebo se ten log dá nějak otevřít?

Pokud jste program zavrel, musite udelat novy test.

[Northend]

Logfile of random's system information tool 1.10 (written by random/random)
Run by martina at 2014-08-21 23:48:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 47 GB (21%) free of 228 GB
Total RAM: 1976 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:49:01, on 21.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\SafeQ\SafeQ_cli.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\SCIA\crack\Flexlm\SCIA.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\martina\Plocha\RSIT.exe
C:\Program Files\trend micro\martina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files\SafeQ\SafeQ_cli.exe
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca411a4416cfc2) (gupdate1ca411a4416cfc2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nexis 3.5 license server - dT 2004 - Macrovision Corporation - C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

--
End of file - 9728 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-22 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1044480]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-06-05 170520]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1040384]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-11 5187088]
"SafeQClient"=C:\Program Files\SafeQ\SafeQ_cli.exe [2012-11-21 474624]
"Bonus.SSR.FR11"=C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2013-06-28 1364496]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-12-13 707472]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-10-27 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bitmeter2.lnk]
C:\DOCUME~1\martina\DOKUME~1\PROGRA~1\BitMeter\BITMET~1.EXE [2010-01-24 1462272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^martina^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-29 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-05-21 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\GetWare\WebCam Live\WebCam.exe"="C:\Program Files\GetWare\WebCam Live\WebCam.exe:*:Enabled:WebCam Live"
"C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\flexlm\nexis\lmgrd.exe"="C:\flexlm\nexis\lmgrd.exe:*:Enabled:lmgrd"
"C:\flexlm\nexis\scia.exe"="C:\flexlm\nexis\scia.exe:*:Enabled:scia"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe"="C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe:*:Enabled:ZunTzu"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe"="C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe:*:Enabled:Colin McRae Rally 2"
"C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe"="C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application"
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe"="C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe:*:Enabled:TV Online"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe"="C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe:*:Enabled:TV Online"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE"="C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE:*:Enabled:Main executable for Red Alert 2"
"I:\UnrealTournament\System\UnrealTournament.exe"="I:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.yv12"=yv12vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-08-21 23:48:55 ----D---- C:\rsit
2014-08-17 20:05:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Caphyon
2014-08-17 20:05:46 ----SHD---- C:\WINDOWS\system32\AI_RecycleBin
2014-08-17 20:05:42 ----D---- C:\Program Files\TV Online
2014-08-17 20:05:17 ----D---- C:\Documents and Settings\martina\Data aplikací\TV Online
2014-08-16 07:25:14 ----D---- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
2014-08-16 07:24:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-08-15 10:12:03 ----D---- C:\AdwCleaner
2014-08-14 20:19:39 ----D---- C:\FRST
2014-08-06 15:37:16 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-08-21 23:49:01 ----D---- C:\WINDOWS\Prefetch
2014-08-21 23:48:58 ----D---- C:\Program Files\trend micro
2014-08-21 23:48:57 ----D---- C:\WINDOWS\system32\CatRoot2
2014-08-21 23:47:33 ----D---- C:\WINDOWS\Temp
2014-08-21 23:44:52 ----D---- C:\Program Files
2014-08-21 23:43:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-21 23:42:39 ----D---- C:\WINDOWS\system32\drivers
2014-08-21 21:24:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-08-21 21:21:42 ----D---- C:\Documents and Settings\martina\Data aplikací\Dropbox
2014-08-20 23:05:26 ----A---- C:\debugoutput.txt
2014-08-20 22:41:35 ----D---- C:\WINDOWS\Minidump
2014-08-20 22:41:35 ----D---- C:\WINDOWS
2014-08-19 22:03:33 ----D---- C:\Documents and Settings\martina\Data aplikací\vlc
2014-08-19 08:56:54 ----HD---- C:\WINDOWS\inf
2014-08-17 20:12:31 ----SHD---- C:\WINDOWS\Installer
2014-08-17 20:05:46 ----D---- C:\WINDOWS\system32
2014-08-17 19:55:53 ----D---- C:\Documents and Settings\martina\Data aplikací\XnView
2014-08-16 03:04:21 ----D---- C:\WINDOWS\system32\MRT
2014-08-16 03:00:33 ----D---- C:\WINDOWS\Debug
2014-08-16 03:00:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-15 10:22:05 ----D---- C:\Documents and Settings\martina\Data aplikací\Skype
2014-08-15 10:15:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-08-15 10:08:29 ----A---- C:\WINDOWS\WDICT32.INI
2014-08-14 20:00:00 ----HD---- C:\Program Files\InstallShield Installation Information
2014-08-14 20:00:00 ----D---- C:\WINDOWS\twain_32
2014-08-14 20:00:00 ----A---- C:\WINDOWS\win.ini
2014-08-14 19:59:58 ----D---- C:\Program Files\Common Files
2014-08-14 19:59:39 ----RSD---- C:\WINDOWS\assembly
2014-08-14 19:59:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\KB Piano
2014-08-14 19:58:31 ----D---- C:\NEXIS32
2014-08-14 19:56:17 ----D---- C:\Program Files\Hewlett-Packard
2014-08-14 19:56:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-08-14 19:54:05 ----D---- C:\Program Files\Google
2014-08-14 19:54:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2014-08-14 19:52:16 ----D---- C:\WINDOWS\WinSxS
2014-08-14 19:48:11 ----RSD---- C:\WINDOWS\Fonts
2014-08-14 19:47:12 ----D---- C:\Program Files\DivX
2014-08-14 19:45:50 ----D---- C:\WINDOWS\pss
2014-08-14 19:45:45 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-08-07 18:56:59 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 AvgMfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 hpdskflt;HP Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2008-05-23 24624]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 SFAUDIO;Sonic Focus DSP Driver; C:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-12 691696]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-06-17 190232]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 AvgLdx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 AvgTdiX;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-02-29 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-02-29 18048]
R3 Accelerometer;HP Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2008-05-23 28592]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-11 338944]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-04-03 74688]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-05-21 6018464]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw5x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-04-28 3626112]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-27 224672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-04-04 296320]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 acsint;acsint; C:\WINDOWS\system32\DRIVERS\acsint.sys [2013-12-13 40304]
S3 acsmux;acsmux; C:\WINDOWS\system32\DRIVERS\acsmux.sys [2013-12-13 58736]
S3 aj4m13s6;aj4m13s6; C:\WINDOWS\system32\drivers\aj4m13s6.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-07-23 112640]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102528]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-07-23 100480]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
S3 SCR3XX2K;SCR3xx USB SmartCardReader; C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys [2007-06-21 56448]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys [2013-12-13 23976]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-12-11 12800]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-11 3244048]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-11 289328]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2001-04-06 32256]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 Nexis 3.5 license server - dT 2004;Nexis 3.5 license server - dT 2004; C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe [2008-04-02 974848]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-12-13 560528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca411a4416cfc2;Služba Google Update (gupdate1ca411a4416cfc2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-29 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-08-29 85096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-09-27 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-29 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-06 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Jeste jeden sken a budeme mazat.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[Northend]

OTL logfile created on: 23.8.2014 7:26:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\martina\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 46,66% Memory free
3,78 Gb Paging File | 2,82 Gb Available in Paging File | 74,63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 45,71 Gb Free Space | 20,51% Space Free | Partition Type: NTFS
Drive D: | 1021,00 Mb Total Space | 1018,45 Mb Free Space | 99,75% Space Free | Partition Type: FAT32
Drive E: | 9,00 Gb Total Space | 2,25 Gb Free Space | 25,04% Space Free | Partition Type: NTFS

Computer Name: MARTINA-NOTAS | User Name: martina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.08.23 07:26:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martina\Plocha\OTL.exe
PRC - [2014.08.11 14:51:18 | 006,018,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgmfapx.exe
PRC - [2014.08.11 14:51:00 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.11 14:49:02 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014.08.11 14:45:50 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014.08.11 14:42:36 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014.08.11 14:42:34 | 005,187,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.08.11 14:36:28 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.08.06 11:34:34 | 013,246,272 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.08.06 11:21:00 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2013.12.13 00:36:27 | 000,707,472 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2013.12.13 00:36:11 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012.11.21 15:10:58 | 000,474,624 | ---- | M] (VŠB-TU Ostrava) -- C:\Program Files\SafeQ\SafeQ_cli.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2008.04.18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
PRC - [2008.04.18 15:53:58 | 000,178,712 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.02 03:59:22 | 000,983,040 | ---- | M] () -- C:\Program Files\SCIA\crack\Flexlm\Scia.exe
PRC - [2008.04.02 03:59:00 | 000,974,848 | ---- | M] (Macrovision Corporation) -- C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
PRC - [2007.12.11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2007.01.01 23:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2001.04.06 23:24:54 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE


========== Modules (No Company Name) ==========

MOD - [2014.08.07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014.08.07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014.08.07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014.02.13 18:00:30 | 001,227,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\f0ac0cd2869df90f5e17a0b7c6b74edd\System.WorkflowServices.ni.dll
MOD - [2014.02.13 17:59:54 | 000,369,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\852c0f070c5082dab030093f84338d4a\System.ServiceModel.Routing.ni.dll
MOD - [2014.02.13 17:59:53 | 001,142,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b1c2fed4762d90f6c2033afeb1a72b9d\System.ServiceModel.Discovery.ni.dll
MOD - [2014.02.13 17:59:51 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4c1b5f3e49f0e1335e106967fa4a4217\System.ServiceModel.Channels.ni.dll
MOD - [2014.02.13 17:59:33 | 001,393,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8fccede33dc07b2f991fe02f20786f52\System.ServiceModel.Activities.ni.dll
MOD - [2014.02.13 17:59:29 | 001,079,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\fe7c09c37b8b39bd894d6a225f9ca01b\System.IdentityModel.ni.dll
MOD - [2014.02.13 17:59:27 | 018,109,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dd733c6f1f9f50f3517d48da5bea80d2\System.ServiceModel.ni.dll
MOD - [2014.02.13 17:59:10 | 001,077,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\159b704e66dfb471d05dbb6d82224541\System.ServiceModel.Web.ni.dll
MOD - [2014.02.13 17:57:33 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2e3fdae8546832614633495638bef8d0\System.ServiceProcess.ni.dll
MOD - [2014.02.13 17:57:29 | 001,926,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\db11fb89ce47f21fbc956c88286288dc\System.Web.Services.ni.dll
MOD - [2014.02.13 17:57:15 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\6a5f031a28c774f1163af0715c3a6097\System.EnterpriseServices.ni.dll
MOD - [2014.02.13 17:57:15 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\6a5f031a28c774f1163af0715c3a6097\System.EnterpriseServices.Wrapper.dll
MOD - [2014.02.13 17:57:14 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\fc7255cccb69c45a808b3d7e6abf55c5\System.Transactions.ni.dll
MOD - [2014.02.13 17:57:13 | 001,021,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\469dd20488c4a9606abe21189a3c1ab9\System.Runtime.DurableInstancing.ni.dll
MOD - [2014.02.13 17:57:12 | 002,658,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
MOD - [2014.02.13 17:57:12 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\27bdc6196968e44234654e30e1028750\SMDiagnostics.ni.dll
MOD - [2014.02.13 16:24:03 | 006,813,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\b5f67ff59d386021c43b1ee400c00feb\System.Data.ni.dll
MOD - [2014.02.13 16:23:42 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014.02.13 16:23:39 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll
MOD - [2014.02.13 16:23:35 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014.02.13 16:23:33 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014.02.13 16:23:26 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014.02.13 16:23:15 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2013.12.13 00:36:58 | 000,063,376 | ---- | M] () -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2008.10.11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.02 03:59:22 | 000,983,040 | ---- | M] () -- C:\Program Files\SCIA\crack\Flexlm\Scia.exe


========== Services (SafeList) ==========

SRV - [2014.08.11 14:51:00 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.11 14:36:28 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.08.06 15:37:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.13 00:36:11 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013.09.27 07:32:04 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2009.08.29 12:53:20 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.04.18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON)
SRV - [2008.04.02 03:59:00 | 000,974,848 | ---- | M] (Macrovision Corporation) [Auto | Running] -- C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe -- (Nexis 3.5 license server - dT 2004)
SRV - [2007.12.11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2001.04.06 23:24:54 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snpstd3.sys -- (SNPSTD3)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0nfq9xo)
DRV - [2014.06.30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014.06.17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2014.06.17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2014.06.17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014.06.17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014.06.17 16:17:56 | 000,190,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverlx.sys -- (AVGIDSDriverl)
DRV - [2014.06.17 16:06:24 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2014.06.17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.12.13 00:18:30 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2013.12.13 00:14:30 | 000,058,736 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
DRV - [2013.12.13 00:14:30 | 000,040,304 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
DRV - [2012.02.29 22:21:17 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.02.29 22:21:16 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.08.17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.12 14:39:14 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.23 11:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 11:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008.05.23 13:51:02 | 000,024,624 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008.05.23 13:50:16 | 000,028,592 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.04.28 06:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008.04.10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008.04.04 10:57:00 | 000,296,320 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008.04.03 18:40:44 | 000,074,688 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.28 12:14:02 | 000,024,064 | R--- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008.02.29 16:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.06.21 04:40:02 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.09.19 14:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 14:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.09.19 14:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2001.04.06 23:24:54 | 000,056,592 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... PB_csCZ382
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014.01.30 12:19:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Extensions
[2014.08.06 14:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\extensions
[2014.03.06 15:33:36 | 000,281,800 | ---- | M] () (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2014.04.04 12:04:38 | 000,957,290 | ---- | M] () (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.08.06 15:37:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.08.06 15:37:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTINA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\N6T5A4N4.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: HD for YouTube™ = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf\1.7_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Bounceball = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bnonnffemhpfblohaicmfmofbfaaoobf\1.1_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: VyhledávánĂ­ Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Balloono = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fmggmlpijnjmhdekfigfbkookpdfodhf\1.4_0\
CHR - Extension: Mail Checker Plus for Google Mail™ = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.4.0_0\
CHR - Extension: Grass = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla\1.0_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Short url using official goo.gl api = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\phncbknmjfhhegegchdflhepkoibbbie\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.01.28 13:16:37 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Bonus.SSR.FR11] C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe (ABBYY Production LLC)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SafeQClient] C:\Program Files\SafeQ\SafeQ_cli.exe (VŠB-TU Ostrava)
O4 - Startup: C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění\Dropbox.lnk = C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDC72966-44E1-439C-8521-4A95E99DBCD6}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\martina\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\martina\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.29 10:19:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{22aedc18-6290-11e0-b980-00248167d4db}\Shell - "" = AutoRun
O33 - MountPoints2\{22aedc18-6290-11e0-b980-00248167d4db}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3528fea7-0409-11df-b71c-00248167d4db}\Shell\AutoRun\command - "" = G:\Toshiba\Launcher\start.exe
O33 - MountPoints2\{41af6ca6-61bd-11e0-b97f-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{41af6ca6-61bd-11e0-b97f-000000000000}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a7f144fc-cf10-11df-b84f-00248167d4db}\Shell - "" = AutoRun
O33 - MountPoints2\{a7f144fc-cf10-11df-b84f-00248167d4db}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.08.23 07:26:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\martina\Plocha\OTL.exe
[2014.08.21 23:48:55 | 000,000,000 | ---D | C] -- C:\rsit
[2014.08.21 23:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Plocha\FRST-OlderVersion
[2014.08.17 20:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2014.08.17 20:05:46 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2014.08.17 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\TV Online
[2014.08.17 20:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TV Online
[2014.08.17 20:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Data aplikací\TV Online
[2014.08.17 11:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Plocha\fotbal
[2014.08.16 07:25:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
[2014.08.16 07:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.08.16 07:23:57 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe
[2014.08.15 10:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TeamViewer 9
[2014.08.15 10:12:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.14 20:19:39 | 000,000,000 | ---D | C] -- C:\FRST
[2014.08.14 20:16:41 | 001,094,144 | ---- | C] (Farbar) -- C:\Documents and Settings\martina\Plocha\FRST.exe
[2014.08.14 20:13:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\martina\Recent
[2014.08.06 15:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[18 C:\Documents and Settings\martina\Dokumenty\*.tmp files -> C:\Documents and Settings\martina\Dokumenty\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.08.23 07:29:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.23 07:26:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martina\Plocha\OTL.exe
[2014.08.23 07:24:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.08.23 07:22:15 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.08.23 07:22:14 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.08.23 07:22:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.08.21 23:48:49 | 001,107,968 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\RSIT.exe
[2014.08.21 23:47:47 | 001,094,144 | ---- | M] (Farbar) -- C:\Documents and Settings\martina\Plocha\FRST.exe
[2014.08.21 23:37:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
[2014.08.21 22:54:02 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.08.19 22:01:46 | 000,118,371 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.srt
[2014.08.17 20:12:30 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TV Online.lnk
[2014.08.17 20:05:07 | 000,132,608 | ---- | M] () -- C:\Documents and Settings\martina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.08.17 19:12:07 | 1001,971,712 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Robocop.avi
[2014.08.17 12:19:10 | 1207,363,584 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Amazing.Spider.Man.II.avi
[2014.08.17 12:18:57 | 1150,111,904 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.avi
[2014.08.16 08:37:04 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
[2014.08.16 07:24:32 | 010,284,816 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe
[2014.08.15 12:51:31 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2014.lnk
[2014.08.15 10:36:16 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 9.lnk
[2014.08.15 10:11:52 | 001,356,107 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\adwcleaner_3.305.exe
[2014.08.15 10:08:29 | 000,002,724 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2014.08.15 10:05:55 | 000,001,017 | ---- | M] () -- C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
[2014.08.15 10:05:35 | 000,000,999 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Dropbox.lnk
[2014.08.15 10:00:42 | 002,219,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.08.14 20:06:23 | 000,000,290 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
[2014.08.14 20:06:10 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
[2014.08.14 20:05:45 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
[2014.08.14 20:05:29 | 000,083,942 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
[2014.08.14 19:58:38 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.08.08 15:00:00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.08.01 18:44:13 | 002,148,182 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5800u.jpg
[2014.08.01 18:41:40 | 002,206,453 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5799u.jpg
[2014.07.25 21:33:10 | 006,842,270 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5800.JPG
[2014.07.25 21:32:52 | 006,743,135 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5799.JPG
[2014.07.25 15:47:50 | 008,143,775 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
[18 C:\Documents and Settings\martina\Dokumenty\*.tmp files -> C:\Documents and Settings\martina\Dokumenty\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.08.21 23:48:49 | 001,107,968 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\RSIT.exe
[2014.08.19 22:01:37 | 000,118,371 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.srt
[2014.08.17 20:05:45 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TV Online.lnk
[2014.08.17 19:06:26 | 1001,971,712 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Robocop.avi
[2014.08.17 11:58:12 | 1150,111,904 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.avi
[2014.08.17 11:57:42 | 1207,363,584 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Amazing.Spider.Man.II.avi
[2014.08.15 10:11:51 | 001,356,107 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\adwcleaner_3.305.exe
[2014.08.14 20:06:22 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
[2014.08.14 20:06:09 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
[2014.08.14 20:05:44 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
[2014.08.14 20:05:28 | 000,083,942 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
[2014.08.01 18:44:10 | 002,148,182 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5800u.jpg
[2014.08.01 18:43:36 | 006,842,270 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5800.JPG
[2014.08.01 18:41:09 | 002,206,453 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5799u.jpg
[2014.08.01 18:40:32 | 006,743,135 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5799.JPG
[2014.07.25 16:50:10 | 008,143,775 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
[2014.06.03 12:29:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.04.27 15:53:07 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\martina\Data aplikací\Adobe Formát PNG CS5 – předvolby
[2013.12.08 00:38:36 | 000,234,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.09.27 08:18:00 | 001,846,068 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1844237615-2077806209-839522115-1003-0.dat
[2013.09.27 08:17:59 | 000,399,718 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.09.27 07:32:25 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2013.02.18 22:30:55 | 000,000,047 | ---- | C] () -- C:\WINDOWS\ODA.INI
[2013.02.18 22:30:18 | 000,000,044 | ---- | C] () -- C:\WINDOWS\Esa.INI
[2013.02.18 22:25:13 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\vc8-re200l.dll
[2013.02.18 22:25:10 | 002,383,872 | ---- | C] () -- C:\WINDOWS\System32\csgas.dll
[2013.02.18 22:25:08 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\CadsPCP8r.dll
[2013.02.18 22:25:03 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe
[2012.12.27 14:13:37 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\martina\Data aplikací\Adobe Formát GIF CS5 – předvolby
[2011.04.07 06:42:09 | 000,003,690 | ---- | C] () -- C:\Documents and Settings\martina\.jmf-resource
[2009.08.30 07:12:17 | 000,132,608 | ---- | C] () -- C:\Documents and Settings\martina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.08.29 10:57:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.01.05 15:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\2DBoy
[2011.02.13 09:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AdventureChronicles1
[2013.09.27 08:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2013.09.29 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2011.11.03 21:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.11.07 20:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bitmeter2
[2013.02.18 22:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CADS
[2014.08.17 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2014.03.05 11:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Cisco
[2013.03.26 20:19:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.12.12 14:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.04.08 13:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EscapeTheMuseum
[2011.11.05 12:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
[2010.11.30 18:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2014.02.06 18:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileOpen
[2014.08.15 10:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2014.08.14 19:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KB Piano
[2014.08.23 07:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2009.11.24 23:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NFS Underground Demo
[2011.11.07 20:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.03.05 12:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Princess Isabella
[2011.06.08 17:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.11.21 19:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.01.28 15:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2013.03.26 20:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2011.04.11 12:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2012.08.10 11:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Alawar
[2011.02.11 20:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Atari
[2013.09.27 08:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Autodesk
[2013.09.29 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\AVG2014
[2010.04.05 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Bitmeter2
[2012.08.16 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Boolat Games
[2013.02.18 22:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\CADS
[2013.12.10 17:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\DAEMON Tools Lite
[2014.08.21 21:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Dropbox
[2014.02.06 18:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FileOpen
[2013.06.07 14:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FlvtoConverter
[2011.04.06 15:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\GetWare
[2011.11.07 20:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Nokia
[2011.11.07 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\PC Suite
[2014.06.01 09:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TeamViewer
[2009.12.10 14:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Thinstall
[2013.03.26 20:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TuneUp Software
[2014.08.17 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TV Online
[2010.10.29 10:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\VitySoft
[2011.04.11 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Vodafone
[2014.08.17 19:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\XnView
[2013.12.07 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.08.29 10:17:25 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.08.29 10:22:49 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.02.28 19:00:00 | 000,000,982 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
[2012.02.28 19:00:00 | 000,001,034 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
[2012.08.24 18:52:31 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.24 18:52:31 | 000,000,942 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.27 19:34:51 | 000,000,220 | ---- | C] () -- C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.27 19:34:51 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

< >

< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2010.06.11 02:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2005.09.29 01:35:25 | 000,134,272 | ---- | M] (Microsoft Corporation) MD5=A3961B9456DE472D2F152C9DE950FFA5 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtUninstallKB896256$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: IASTOR.SYS >
[2008.04.15 19:54:16 | 000,388,120 | R--- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IASTOR.SYS
[2008.04.15 19:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IASTOR.SYS
[2008.04.15 19:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\DRVSTORE\IAAHCI_E7EB69FF3449D216602D0D37A1D73969621673A9\iaStor.sys
[2008.04.16 00:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtUninstallKB912436$\ndis.sys
[2006.01.10 03:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.23 17:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\ABBYY
[2011.06.08 17:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Adobe
[2009.08.29 13:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\AdobeUM
[2012.08.10 11:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Alawar
[2011.02.11 20:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Atari
[2013.09.27 08:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Autodesk
[2013.09.29 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\AVG2014
[2010.04.05 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Bitmeter2
[2012.08.16 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Boolat Games
[2013.02.18 22:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\CADS
[2013.12.10 17:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\DAEMON Tools Lite
[2014.08.21 21:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Dropbox
[2013.06.25 17:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\dvdcss
[2009.08.29 16:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FastStone
[2014.02.06 18:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FileOpen
[2010.10.03 19:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FLEXnet
[2013.06.07 14:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FlvtoConverter
[2011.04.06 15:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\GetWare
[2013.01.07 14:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Google
[2010.11.08 11:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\GRETECH
[2010.01.15 10:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Help
[2014.08.23 07:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\hpqLog
[2009.08.29 10:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Identities
[2009.08.29 10:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\InstallShield
[2011.11.05 20:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Macromedia
[2014.08.16 07:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
[2014.02.02 10:32:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\martina\Data aplikací\Microsoft
[2014.06.15 19:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Mozilla
[2011.11.07 20:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Nokia
[2011.11.07 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\PC Suite
[2010.12.14 23:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Real
[2014.08.15 10:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Skype
[2011.08.15 09:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\skypePM
[2010.04.11 16:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Sun
[2014.06.01 09:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TeamViewer
[2009.12.10 14:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Thinstall
[2013.03.26 20:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TuneUp Software
[2014.08.17 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TV Online
[2010.10.29 10:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\VitySoft
[2014.08.19 22:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\vlc
[2011.04.11 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Vodafone
[2009.08.29 11:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\WinRAR
[2011.03.20 12:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\WTablet
[2014.08.17 19:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe
[2014.07.30 02:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2014.07.30 02:22:12 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\martina\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.12 14:39:14 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.08.29 12:07:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.08.29 12:07:23 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.08.29 12:07:23 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.08.23 07:24:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.10.27 09:38:17 | 000,136,176 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.08.23 07:29:40 | 000,000,512 | ---- | M] () MD5=4DEE96AAFE4344473647C569780025D3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.02.20 00:40:38 | 000,388,993 | ---- | M] () -- \Documents and Settings\martina\Dokumenty\Downloads\Nexis-3.60.15-cz-FULL\Nexis 3.60.15 cz FULL\crack_3.60.15\crack.zip
[2009.02.18 10:25:22 | 000,000,774 | ---- | M] () -- \Documents and Settings\martina\Dokumenty\Downloads\Scia-Engineer\Scia Engineer\Navod scia engineer crack.txt
[2001.08.14 19:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\Inventor Server\Textures\surfaces\Cracks.bmp
[2008.04.02 15:26:50 | 000,001,602 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\BasicResults-EP_PropertyConcretePrestressStupenBezpecnostiCrack [default].otx
[2008.04.02 15:26:50 | 000,001,602 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\BasicResults-EP_ResPropertyMacro2DCrack [default].otx
[2008.04.02 15:26:50 | 000,001,642 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\BasicResults-EP_ResPropertyMacro2DReinforcement2D_CrackProof [default].otx
[2008.04.02 15:26:46 | 000,001,636 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete calc crack proof [cb-crack-short-NEN].otx
[2008.04.02 15:26:50 | 000,002,761 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete calc crack proof [default].otx
[2008.04.02 15:26:48 | 000,001,602 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete calc prestress crack proof [default].otx
[2008.04.02 15:26:42 | 000,007,394 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack As [brief].otx
[2008.04.02 15:26:50 | 000,008,636 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack As [default].otx
[2008.04.02 15:26:52 | 000,004,100 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack distance [Brief].otx
[2008.04.02 15:26:52 | 000,002,271 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack distance [cb-872b-short].otx
[2008.04.02 15:26:52 | 000,008,077 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack distance [default].otx
[2008.04.02 15:26:44 | 000,006,298 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack profile [Brief].otx
[2008.04.02 15:26:50 | 000,004,777 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack profile [cb-872a].otx
[2008.04.02 15:26:50 | 000,010,656 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack profile [default].otx
[2008.04.02 15:26:42 | 000,005,719 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack shear [default].otx
[2008.04.02 15:26:50 | 000,010,901 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack width [brief].otx
[2008.04.02 15:26:40 | 000,012,332 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack width [default].otx
[2008.04.02 15:26:44 | 000,004,215 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress checks crack resistance check [default].otx
[2008.04.02 15:26:46 | 000,004,243 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress checks crack resistance [default].otx
[2008.04.02 15:26:40 | 000,003,949 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress checks crack width check [default].otx
[2008.04.02 15:26:44 | 000,004,775 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack As [brief].otx
[2008.04.02 15:26:50 | 000,005,893 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack As [default].otx
[2008.04.02 15:26:52 | 000,003,966 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack checkline [default].otx
[2008.04.02 15:26:40 | 000,003,613 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack distance [brief].otx
[2008.04.02 15:26:50 | 000,006,292 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack distance [default].otx
[2008.04.02 15:26:44 | 000,004,136 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack distance [detailed].otx
[2008.04.02 15:26:42 | 000,005,057 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack profile [brief].otx
[2008.04.02 15:26:44 | 000,007,746 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack profile [default].otx
[2008.04.02 15:26:40 | 000,005,050 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack profile [detailed].otx
[2008.04.02 15:26:52 | 000,004,905 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack width [brief].otx
[2008.04.02 15:26:52 | 000,006,490 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack width [default].otx
[2008.04.02 15:26:40 | 000,004,414 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\DataAddConcrete-MemberDataConcrete [Crack coefficients].otx
[2008.04.02 15:26:40 | 000,007,603 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\EP_Results-EP_ResMacro2DConcreteCrack2D [default].otx
[2010.05.02 18:13:34 | 000,003,861 | ---- | M] () -- \Program Files\Vitware\Word Manager\PicBank\crack.gif
[2010.05.02 18:11:14 | 000,014,024 | ---- | M] () -- \Program Files\Vitware\Word Manager\SndBank\crack.am.wav

< *keygen* /s >
[2000.10.30 10:32:48 | 000,025,088 | ---- | M] () -- \Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\Keygen.exe
[2000.11.01 04:13:38 | 000,002,293 | ---- | M] () -- \Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\keygen.nfo

< *AntiWPA* /s >

< *loader* /s >
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2008.02.25 06:42:48 | 000,012,800 | ---- | M] () -- \Documents and Settings\martina\Dokumenty\Downloads\tdp\Turbo Delphi Portable\Experts\DelphiSpeedUp\DelphiSpeedUpLoader10.bpl
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\skin\ajax-loader.gif
[2014.03.05 11:56:38 | 000,925,072 | ---- | M] () -- \Documents and Settings\martina\Local Settings\Temp\1A.tmp\vpndownloader.exe
[2008.02.25 05:42:48 | 000,012,800 | ---- | M] () -- \Documents and Settings\martina\Plocha\PLOCHA PROTŘÍDIT\Turbo Delphi Portable\Experts\DelphiSpeedUp\DelphiSpeedUpLoader10.bpl
[2007.01.31 09:07:46 | 000,027,752 | ---- | M] () -- \Program Files\AutoCAD 2008\AecLoader.arx
[2011.02.04 05:53:33 | 000,134,368 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AcAutoLoader.arx
[2011.03.15 14:58:23 | 000,010,568 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AcAutoLoaderRes.dll
[2011.02.04 05:52:48 | 000,328,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AdDownloaderCore.dll
[2011.01.17 18:09:50 | 000,024,456 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AecLoader.arx
[2010.11.24 07:35:32 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AdExchange\loader.gif
[2013.09.27 07:33:43 | 000,000,390 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\Help\contexthelp\APPAUTOLOADER.htm
[2011.01.25 01:42:42 | 000,044,704 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\Inventor Server\Bin\ClrAddinLoader.dll
[2013.12.13 00:36:21 | 000,925,072 | ---- | M] () -- \Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2013.12.13 00:36:21 | 000,925,072 | ---- | M] () -- \Program Files\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2011.11.01 14:56:46 | 000,884,224 | ---- | M] () -- \Program Files\ShareRapid poker\Loader.exe
[2011.11.01 14:57:22 | 000,016,491 | ---- | M] () -- \Program Files\ShareRapid poker\Loader.ini
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2009.08.29 11:06:50 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.04.02 15:26:52 | 000,002,130 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\EP_DSG_Elements-EP_StructNode [default].otx
[2008.04.02 15:26:52 | 000,002,943 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\EP_DSG_Elements-EP_StructNode [Detailed].otx
[2008.04.02 15:26:30 | 000,002,142 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\xml\EP_DSG_Elements-EP_StructNode [default].otx

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2008.09.02 03:17:42 | 000,000,074 | ---- | M] () -- \Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\SERIAL.TXT
[2006.11.28 19:35:14 | 000,002,274 | ---- | M] () -- \Program Files\AutoCAD 2008\WebDepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R4\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.05.02 18:10:24 | 000,016,950 | ---- | M] () -- \Program Files\Vitware\Word Manager\SndBank\serial.am.wav
[2010.05.02 18:11:02 | 000,017,368 | ---- | M] () -- \Program Files\Vitware\Word Manager\SndBank\serial.br.wav
[2006.03.02 14:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2009.08.29 12:48:12 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.13 16:19:02 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.11 00:47:07 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 16:17:03 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 16:14:55 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2014.02.13 17:56:53 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.25 12:04:54 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.15 13:39:20 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b5faab90a38802d89ccf6f9ac4bff440\System.Runtime.Serialization.ni.dll
[2014.02.13 17:57:12 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
[2010.03.18 14:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.03.03 18:37:33 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.13 16:22:25 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.03.03 18:37:31 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.13 16:22:20 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.12.20 18:13:56 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 04:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 14:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2006.03.02 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2006.03.02 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D

< End of report >

[Northend]

OTL Extras logfile created on: 23.8.2014 7:26:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\martina\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 46,66% Memory free
3,78 Gb Paging File | 2,82 Gb Available in Paging File | 74,63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 45,71 Gb Free Space | 20,51% Space Free | Partition Type: NTFS
Drive D: | 1021,00 Mb Total Space | 1018,45 Mb Free Space | 99,75% Space Free | Partition Type: FAT32
Drive E: | 9,00 Gb Total Space | 2,25 Gb Free Space | 25,04% Space Free | Partition Type: NTFS

Computer Name: MARTINA-NOTAS | User Name: martina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\GetWare\WebCam Live\WebCam.exe" = C:\Program Files\GetWare\WebCam Live\WebCam.exe:*:Enabled:WebCam Live
"C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\flexlm\nexis\lmgrd.exe" = C:\flexlm\nexis\lmgrd.exe:*:Enabled:lmgrd -- ()
"C:\flexlm\nexis\scia.exe" = C:\flexlm\nexis\scia.exe:*:Enabled:scia -- ()
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe" = C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe:*:Enabled:ZunTzu
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe" = C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe:*:Enabled:Colin McRae Rally 2 -- (Codemasters Software Ltd)
"C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe" = C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application -- (Codemasters Software)
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe" = C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe:*:Enabled:TV Online
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe" = C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe:*:Enabled:TV Online
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE" = C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE:*:Enabled:Main executable for Red Alert 2 -- (Westwood Studios)
"I:\UnrealTournament\System\UnrealTournament.exe" = I:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DF4D84-E652-4557-97CC-56FAE8622FE5}" = TV Online
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 27
"{27498953-A7BB-4F1E-8EFA-F50DBB067FC2}" = Scia Engineer 2008
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{5783F2D7-A001-0405-0002-0060B0CE6BBA}" = AutoCAD 2012 - Czech
"{5783F2D7-A001-0405-1002-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Czech
"{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F53A8DC-4857-4687-9740-F30129EE5FC0}_is1" = ShareRapid poker verze 1.8
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{983980FC-66FB-4ECC-A5D8-4565BE217733}" = SCR3xxx Smart Card Reader
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAAB700A-DDB7-4298-AB4B-B6E9F785059C}" = Cisco AnyConnect Secure Mobility Client
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C9811F26-3EF6-449A-9736-BB79A125D894}" = AVG 2014
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E62AFEB8-BF5A-4287-A19B-198BB17F6276}" = AVG 2014
"{ED8BA12A-AD99-4E61-9E4B-AB64957999AE}" = HP 3D DriveGuard
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11000CE-0010-0000-0000-074957833700}" = ABBYY FineReader 11 Corporate Edition
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 7.0 Professional - Czech, Polish, Greek - V" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"AutoCAD 2012 - Czech" = AutoCAD 2012 - Czech
"AVG" = AVG 2014
"CADS Composite Beam Designer" = CADS Composite Beam Designer
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FreeCommander_is1" = FreeCommander 2009.02
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{27498953-A7BB-4F1E-8EFA-F50DBB067FC2}" = Scia Engineer 2008
"InstallShield_{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"Kill Winamp_is1" = KillWinamp 1.61
"LMS" = C-Dilla Licence Management System
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Photoshop CS5 micro cz_is1" = Photoshop CS5 micro cz v12.0.1.0
"SafeQ" = SafeQ
"SteelMemberDesigner" = SteelMemberDesigner
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 9" = TeamViewer 9
"TV Online 1.6.1" = TV Online
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 2.1.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"Word Manager" = Word Manager
"XnView_is1" = XnView 2.00

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.8.2014 4:02:11 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_inx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:14 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_idx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:16 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_kox.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:18 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_msx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:21 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_rux.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:23 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_trx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:25 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_zhx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:27 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_ztx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:30 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_esx.cab.
Verify that the file exists and that you can access it.

Error - 21.8.2014 17:43:48 | Computer Name = MARTINA-NOTAS | Source = EventSystem | ID = 4614
Description = Systém událostí modelu COM+ zjistil nekonzistenci vnitřního stavu.
Výraz GetLastError() == 122L selhal na řádku 162 v d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Obraťte se na služby odborné pomoci společnosti Microsoft a informujte je o této
chyb

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 23.8.2014 1:22:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: DeviceIDInfo::AppendBinaryRegistryKey File: .\Utility\DeviceID.cpp
Line:
165 Invoked Function: CRegKey::QueryBinaryValue Return Code: 2 (0x00000002) Description:
Systém nemůže nalézt uvedený soubor.

Error - 23.8.2014 1:22:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: XmlParser::invokeParser File: .\Xml\XmlParser.cpp Line: 182
Invoked
Function: ISAXXMLReader::parse Return Code: -2146697210 (0x800C0006) Description:
WINDOWS_ERROR_CODE

Error - 23.8.2014 1:22:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: CPhoneHomeAgent::LoadSettingsFromXmlFile File: ..\PhoneHomeAgent.cpp
Line:
608 Invoked Function: XmlParser::parseFile Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED

Error - 23.8.2014 1:22:25 | Computer Name = MARTINA-NOTAS | Source = acvpnui | ID = 67108866
Description = Function: XmlPrefMgr::endElement File: .\xml\XmlPrefMgr.cpp Line: 142
Invoked
Function: UserPreferences::endElement Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED Attempt to set undefined preference <DefaultDomain>.

Error - 23.8.2014 1:22:25 | Computer Name = MARTINA-NOTAS | Source = acvpnui | ID = 67108866
Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 332
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Žádná další
data nejsou k dispozici.

Error - 23.8.2014 1:22:25 | Computer Name = MARTINA-NOTAS | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1360 NULL object. Cannot establish a connection at this time.

Error - 23.8.2014 1:24:51 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


Error - 23.8.2014 1:27:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 23.8.2014 1:27:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 23.8.2014 1:27:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL

[ OSession Events ]
Error - 27.11.2009 15:12:44 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12481
seconds with 2700 seconds of active time. This session ended with a crash.

Error - 9.1.2010 14:41:05 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 34696
seconds with 540 seconds of active time. This session ended with a crash.

Error - 10.1.2010 15:33:23 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7662
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 22.11.2011 13:10:56 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 112
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.8.2014 15:20:06 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 21.8.2014 15:21:28 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 21.8.2014 17:42:24 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 21.8.2014 17:43:47 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 21.8.2014 17:43:47 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7034
Description = Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 21.8.2014 17:46:09 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 21.8.2014 17:47:32 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 23.8.2014 1:23:24 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 23.8.2014 1:24:48 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 23.8.2014 1:38:21 | Computer Name = MARTINA-NOTAS | Source = HBtnKey | ID = 327684
Description =


< End of report >

[motji]

Dobrý den,
Nebojte, kolega na Vás nezapoměl, jen nemělpřístup k internetu.
Večer se na to podívám, nebo kolega ráno.

[Márty84]

Napiste mi velikost adresare plochy (C:\Documents and Settings\martina\Plocha)




Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
gupdate1ca411a4416cfc2
SkypeUpdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
C:\Documents and Settings\martina\Data aplikací\Malwarebytes
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}: "URL" = http://www.bing.com/search?q={searchTerms}&form=B8MCDF&pc=B8MC&src=IE-SearchBox
[2014.08.16 07:25:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
[2014.08.16 07:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.08.16 07:23:57 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe
[18 C:\Documents and Settings\martina\Dokumenty\*.tmp files -> C:\Documents and Settings\martina\Dokumenty\*.tmp -> ]
[2013.12.07 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Bonus.SSR.FR11"=-
"KernelFaultCheck"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[Northend]

Napiste mi velikost adresare plochy

Plocha má v současnosti 12,5 GB ( 9,5 jsou 3-4 filmy co vydrží tři dny pak jdou přes shift+del pryč)


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 37205 bytes

User: martina
->Temp folder emptied: 11739918 bytes
->Temporary Internet Files folder emptied: 7619071 bytes
->Java cache emptied: 16583165 bytes
->FireFox cache emptied: 28253093 bytes
->Google Chrome cache emptied: 458474567 bytes
->Flash cache emptied: 2745 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33977 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14615007 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 736189022 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1532 bytes

Total Files Cleaned = 1 215,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: martina
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate1ca411a4416cfc2 stopped successfully!
Service gupdate1ca411a4416cfc2 deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job moved successfully.
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}\ not found.
Folder C:\Documents and Settings\martina\Data aplikací\Malwarebytes\ not found.
Folder C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\ not found.
C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe moved successfully.
C:\Documents and Settings\martina\Dokumenty\$AP13.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP130.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP176.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP20.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP223.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP30.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP3B.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP40.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP41.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP42.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP681.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP682.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP884.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP8B.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APA2.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APAE.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APAF.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APB2.tmp deleted successfully.
C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar\cache folder moved successfully.
C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP194.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F54.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP291.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP293.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP819.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI51.tmp deleted successfully.
C:\WINDOWS\Installer\MSI94.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9E.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bonus.SSR.FR11 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08292014_120540

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...