VIRY.CZ

Zdravím,
přítelkyně odjela do Paříže tak jsem dostal svolení vyčistit s vaší pomocí její notebook.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2014 01
Ran by martina (administrator) on MARTINA-NOTAS on 14-08-2014 20:19:52
Running from C:\Documents and Settings\martina\Plocha
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Google) C:\Program Files\Google\Google Talk\googletalk.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(VŠB-TU Ostrava) C:\Program Files\SafeQ\SafeQ_cli.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(C-Dilla Ltd) C:\WINDOWS\system32\drivers\CDANTSRV.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
(Macrovision Corporation) C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
(Macrovision Corporation) C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\SCIA\crack\Flexlm\Scia.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\WINDOWS\system32\ntvdm.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\martina\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\avgrsstarter: C:\WINDOWS\system32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\Run: [Google Update] => C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [136176 2011-10-27] (Google Inc.)
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [17148552 2012-02-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {22aedc18-6290-11e0-b980-00248167d4db} - I:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {3528fea7-0409-11df-b71c-00248167d4db} - G:\Toshiba\Launcher\start.exe
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {41af6ca6-61bd-11e0-b97f-000000000000} - I:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-1844237615-2077806209-839522115-1003\...\MountPoints2: {a7f144fc-cf10-11df-b84f-00248167d4db} - H:\setup_vmc_lite.exe /checkApplicationPresence
Startup: C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: Správa překryvné ikony digitálních podpisů AutoCADu -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk, Inc.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/sear ... earchTerms}
SearchScopes: HKCU - {4F11ACBB-393F-4c86-A214-FF3D0D155CC3} URL = http://search.burn4free-toolbar.com/sea ... arch-field
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4b3d2cf0 ... te=us&nt=1
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.136

FireFox:
========
FF ProfilePath: C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\martina\Data aplikací\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\martina\Data aplikací\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Speed Dial - C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-03-06]
FF Extension: Adblock Plus - C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-22]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-04-11]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR StartupUrls: "chrome://newtab/"
CHR Extension: (HD for YouTube™) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-01-16]
CHR Extension: (Angry Birds) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-12-10]
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-10]
CHR Extension: (Disk Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-10]
CHR Extension: (YouTube) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-10]
CHR Extension: (Bounceball) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bnonnffemhpfblohaicmfmofbfaaoobf [2013-12-10]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-10]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-10]
CHR Extension: (Balloono) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fmggmlpijnjmhdekfigfbkookpdfodhf [2013-12-10]
CHR Extension: (Mail Checker Plus for Google Mail™) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe [2013-12-10]
CHR Extension: (Grass) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla [2013-12-10]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-10]
CHR Extension: (Short url using official goo.gl api) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\phncbknmjfhhegegchdflhepkoibbbie [2013-12-10]
CHR Extension: (Gmail) - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-10]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [32256 2001-04-06] (C-Dilla Ltd) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2013-09-27] (Flexera Software, Inc.)
S2 gupdate1ca411a4416cfc2; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-29] (Google Inc.)
R2 Nexis 3.5 license server - dT 2004; C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe [974848 2008-04-02] (Macrovision Corporation) [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [560528 2013-12-13] (Cisco Systems, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\WINDOWS\System32\DRIVERS\acsint.sys [40304 2013-12-13] (Cisco Systems, Inc.)
S3 acsmux; C:\WINDOWS\System32\DRIVERS\acsmux.sys [58736 2013-12-13] (Cisco Systems, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [165376 2012-02-29] () [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AvgLdx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AvgMfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [74688 2008-04-03] (Broadcom Corporation.)
S3 C-Dilla; C:\WINDOWS\system32\drivers\CDANT.SYS [56592 2001-04-06] (Macrovision) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 eabfiltr; C:\WINDOWS\System32\DRIVERS\eabfiltr.sys [7808 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\WINDOWS\System32\DRIVERS\eabusb.sys [5760 2005-09-19] (Hewlett-Packard Development Company, L.P.)
S3 hwusbfake; C:\WINDOWS\System32\DRIVERS\ewusbfake.sys [100480 2009-07-23] (Huawei Technologies Co., Ltd.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2012-02-29] () [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3626112 2008-04-28] (Intel Corporation)
S3 SCR3XX2K; C:\WINDOWS\System32\DRIVERS\SCR3XX2K.sys [56448 2007-06-21] (SCM Microsystems Inc.)
R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1804160 2008-04-10] ()
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [691696 2009-12-12] () [File not signed]
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [296320 2008-04-04] (Marvell)
U3 ajbbjfed; C:\WINDOWS\system32\Drivers\ajbbjfed.sys [0 ] (Microsoft Corporation)
S2 adfs; No ImagePath
U2 CertPropSvc;
S4 IntelIde; No ImagePath
S3 PCASp50; System32\Drivers\PCASp50.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U2 Sentinel; \SystemRoot\System32\Drivers\SENTINEL.SYS
S3 SNPSTD3; system32\DRIVERS\snpstd3.sys [X]
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 20:19 - 2014-08-14 20:20 - 00021268 _____ () C:\Documents and Settings\martina\Plocha\FRST.txt
2014-08-14 20:19 - 2014-08-14 20:19 - 00000000 ____D () C:\FRST
2014-08-14 20:17 - 2014-08-14 20:17 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\martina\Plocha\FRSTLauncher.exe
2014-08-14 20:16 - 2014-08-14 20:16 - 01092096 _____ (Farbar) C:\Documents and Settings\martina\Plocha\FRST.exe
2014-08-14 20:06 - 2014-08-14 20:06 - 00000788 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
2014-08-14 20:06 - 2014-08-14 20:06 - 00000290 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
2014-08-14 20:05 - 2014-08-14 20:05 - 00083942 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
2014-08-14 20:05 - 2014-08-14 20:05 - 00001710 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
2014-08-14 19:55 - 2014-08-14 19:55 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-07 19:18 - 2014-08-07 21:11 - 00004383 _____ () C:\Documents and Settings\martina\Plocha\PAŘÍŽ.txt
2014-08-06 15:37 - 2014-08-06 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-25 16:50 - 2014-07-25 15:47 - 08143775 _____ () C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
2014-07-19 21:35 - 2014-07-19 21:37 - 00000000 ____D () C:\Documents and Settings\martina\Plocha\mpp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-14 20:20 - 2014-08-14 20:19 - 00021268 _____ () C:\Documents and Settings\martina\Plocha\FRST.txt
2014-08-14 20:20 - 2009-08-29 10:23 - 00000000 ____D () C:\Documents and Settings\martina\Local Settings\Temp
2014-08-14 20:19 - 2014-08-14 20:19 - 00000000 ____D () C:\FRST
2014-08-14 20:19 - 2009-08-29 10:23 - 00000000 ___HD () C:\Documents and Settings\martina\Local Settings\Data aplikací
2014-08-14 20:19 - 2009-08-29 10:23 - 00000000 ____D () C:\Documents and Settings\martina\Plocha
2014-08-14 20:17 - 2014-08-14 20:17 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\martina\Plocha\FRSTLauncher.exe
2014-08-14 20:16 - 2014-08-14 20:16 - 01092096 _____ (Farbar) C:\Documents and Settings\martina\Plocha\FRST.exe
2014-08-14 20:13 - 2009-09-29 17:34 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\Skype
2014-08-14 20:13 - 2009-08-29 10:23 - 00000000 ___RD () C:\Documents and Settings\martina\Nabídka Start\Programy
2014-08-14 20:13 - 2009-08-29 10:23 - 00000000 ____D () C:\Documents and Settings\martina
2014-08-14 20:06 - 2014-08-14 20:06 - 00000788 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
2014-08-14 20:06 - 2014-08-14 20:06 - 00000290 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
2014-08-14 20:06 - 2009-08-29 10:23 - 00000000 ___RD () C:\Documents and Settings\martina\Dokumenty
2014-08-14 20:05 - 2014-08-14 20:05 - 00083942 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
2014-08-14 20:05 - 2014-08-14 20:05 - 00001710 _____ () C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
2014-08-14 20:01 - 2011-12-13 14:39 - 00000000 ____D () C:\Documents and Settings\martina\Local Settings\Data aplikací\Deployment
2014-08-14 20:00 - 2011-04-06 16:32 - 00000000 ____D () C:\Program Files\Yawcam
2014-08-14 20:00 - 2009-08-29 12:08 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-08-14 20:00 - 2009-08-29 12:08 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-08-14 20:00 - 2009-08-29 12:01 - 00000000 ____D () C:\WINDOWS\twain_32
2014-08-14 20:00 - 2009-08-29 10:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-14 20:00 - 2006-03-02 14:00 - 00001115 _____ () C:\WINDOWS\win.ini
2014-08-14 19:59 - 2012-12-18 22:09 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\KB Piano
2014-08-14 19:59 - 2009-08-29 12:10 - 00000325 ____N () C:\WINDOWS\wiadebug.log
2014-08-14 19:58 - 2013-12-10 17:16 - 00001813 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-08-14 19:58 - 2012-11-17 13:22 - 00000000 ____D () C:\NEXIS32
2014-08-14 19:58 - 2012-08-24 18:52 - 00000942 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 19:56 - 2009-08-29 10:30 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-14 19:56 - 2009-08-29 10:28 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-08-14 19:55 - 2014-08-14 19:55 - 00000000 ____D () C:\WINDOWS\LastGood
2014-08-14 19:54 - 2010-03-29 13:35 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Google
2014-08-14 19:54 - 2009-09-08 08:56 - 00000000 ____D () C:\Program Files\Google
2014-08-14 19:54 - 2009-08-29 10:22 - 00032504 ____N () C:\WINDOWS\SchedLgU.Txt
2014-08-14 19:53 - 2013-06-07 12:53 - 00000000 ____D () C:\Documents and Settings\martina\Local Settings\Data aplikací\Flvto Youtube Downloader
2014-08-14 19:49 - 2013-11-19 14:44 - 00000000 ____D () C:\Documents and Settings\All Users\Dokumenty\ArcPad
2014-08-14 19:47 - 2009-11-18 21:49 - 00000000 ____D () C:\Program Files\DivX
2014-08-14 19:46 - 2011-12-23 14:42 - 00000000 ____D () C:\Program Files\CdCoverCreator
2014-08-14 19:45 - 2011-11-07 20:12 - 00000000 ____D () C:\WINDOWS\pss
2014-08-14 19:45 - 2009-08-29 10:59 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-08-14 19:45 - 2009-08-29 10:23 - 00000000 ___RD () C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění
2014-08-14 19:39 - 2009-08-29 10:18 - 01059633 ____N () C:\WINDOWS\WindowsUpdate.log
2014-08-14 19:38 - 2013-03-26 20:19 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-08-14 19:37 - 2012-02-28 19:00 - 00001034 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
2014-08-14 19:35 - 2012-02-13 11:02 - 00000000 ___RD () C:\Documents and Settings\martina\Dokumenty\Dropbox
2014-08-14 19:35 - 2012-02-13 11:01 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\Dropbox
2014-08-14 19:35 - 2006-03-02 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-14 19:33 - 2009-08-29 12:10 - 00000049 ____N () C:\WINDOWS\wiaservc.log
2014-08-14 19:32 - 2014-03-27 19:34 - 00000226 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-08-14 19:32 - 2012-08-24 18:52 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 19:32 - 2009-08-29 10:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-11 16:00 - 2012-03-22 21:03 - 03997696 _____ () C:\WINDOWS\system32\config\ACVPN.evt
2014-08-11 16:00 - 2009-08-29 10:23 - 00000178 ___SH () C:\Documents and Settings\martina\ntuser.ini
2014-08-11 15:52 - 2012-01-28 15:58 - 00008192 ___SH () C:\WINDOWS\Thumbs.db
2014-08-10 22:00 - 2009-11-01 23:32 - 00000008 _____ () C:\debugoutput.txt
2014-08-10 19:06 - 2010-02-11 20:11 - 00395776 ___SH () C:\Documents and Settings\martina\Plocha\Thumbs.db
2014-08-10 18:57 - 2014-06-17 15:47 - 00000000 ____D () C:\Documents and Settings\martina\Plocha\PAŘÍŽ
2014-08-08 15:00 - 2014-03-27 19:34 - 00000220 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-08-07 21:11 - 2014-08-07 19:18 - 00004383 _____ () C:\Documents and Settings\martina\Plocha\PAŘÍŽ.txt
2014-08-07 18:56 - 2014-01-30 12:19 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-07 10:02 - 2014-04-01 11:53 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG
2014-08-07 10:02 - 2013-09-29 19:53 - 00000702 _____ () C:\Documents and Settings\All Users\Plocha\AVG 2014.lnk
2014-08-07 08:39 - 2013-08-15 18:21 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-07 08:37 - 2012-02-28 19:00 - 00000982 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
2014-08-07 08:33 - 2009-09-24 16:56 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-06 15:37 - 2014-08-06 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-06 14:37 - 2009-08-29 10:23 - 00000000 __RHD () C:\Documents and Settings\martina\Data aplikací
2014-08-06 14:36 - 2012-02-13 11:02 - 00000999 _____ () C:\Documents and Settings\martina\Plocha\Dropbox.lnk
2014-08-06 14:36 - 2012-02-13 11:01 - 00000000 ____D () C:\Documents and Settings\martina\Nabídka Start\Programy\Dropbox
2014-08-01 18:44 - 2009-09-08 09:04 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\XnView
2014-08-01 18:37 - 2009-09-22 11:31 - 00000000 ____D () C:\Documents and Settings\martina\Data aplikací\vlc
2014-07-25 15:47 - 2014-07-25 16:50 - 08143775 _____ () C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
2014-07-24 18:48 - 2009-08-30 07:12 - 00132608 _____ () C:\Documents and Settings\martina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-23 22:14 - 2009-08-31 18:25 - 00000000 ___RD () C:\Documents and Settings\martina\Dokumenty\Filmy
2014-07-19 21:37 - 2014-07-19 21:35 - 00000000 ____D () C:\Documents and Settings\martina\Plocha\mpp

Some content of TEMP:
====================
C:\Documents and Settings\martina\Local Settings\Temp\6_Offer_3.exe
C:\Documents and Settings\martina\Local Settings\Temp\A~NSISu_.exe
C:\Documents and Settings\martina\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpflaol_.dll
C:\Documents and Settings\martina\Local Settings\Temp\GLB1A2B.EXE
C:\Documents and Settings\martina\Local Settings\Temp\Mobogenie_INT.exe
C:\Documents and Settings\martina\Local Settings\Temp\UNINSTALL.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:222.88 GB) (Free:50.31 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.99 GB) FAT32
Drive e: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:2.25 GB) NTFS

Available physical RAM: 847.09 MB
Total physical RAM: 1976.19 MB
Percentage of memory in use: 57%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 233 GB) (Disk ID: 80D2F3EE)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=0C)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job => C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job => C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\martina\Plocha" je 3012 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabdka Start^Programy^Po sputn^Bitmeter2.lnk
C:\DOCUME~1\martina\DOKUME~1\PROGRA~1\BitMeter\BITMET~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^martina^Nabdka Start^Programy^Po sputn^Vezy obrazovky a sputn aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\ICQ6.5\\ICQ.exe"="C:\\Program Files\\ICQ6.5\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG8\\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\\Program Files\\VideoLAN\\VLC\\vlc.exe"="C:\\Program Files\\VideoLAN\\VLC\\vlc.exe:*:Enabled:VLC media player"
"C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"="C:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"="C:\\Program Files\\Counter-Strike Source\\hl2.exe:*:Enabled:hl2"
"C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"="C:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\GetWare\\WebCam Live\\WebCam.exe"="C:\\Program Files\\GetWare\\WebCam Live\\WebCam.exe:*:Enabled:WebCam Live"
"C:\\Documents and Settings\\martina\\Data aplikac\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\martina\\Data aplikac\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Documents and Settings\\martina\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Data aplikac\\Google\\Google Talk Plugin\\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
"C:\\flexlm\\nexis\\lmgrd.exe"="C:\\flexlm\\nexis\\lmgrd.exe:*:Enabled:lmgrd"
"C:\\flexlm\\nexis\\scia.exe"="C:\\flexlm\\nexis\\scia.exe:*:Enabled:scia"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\\ZunTzu.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\\ZunTzu.exe:*:Enabled:ZunTzu"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\\Program Files\\Codemasters\\Colin McRae Rally 2\\CMR2.exe"="C:\\Program Files\\Codemasters\\Colin McRae Rally 2\\CMR2.exe:*:Enabled:Colin McRae Rally 2"
"C:\\Program Files\\Codemasters\\Colin McRae Rally 04\\cmr4.exe"="C:\\Program Files\\Codemasters\\Colin McRae Rally 04\\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application"
"C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\\TV Online.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\\TV Online.exe:*:Enabled:TV Online"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\\TV Online.exe"="C:\\Documents and Settings\\martina\\Local Settings\\Apps\\2.0\\VOL85ATY.JCN\\V33AM0EM.DT8\\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\\TV Online.exe:*:Enabled:TV Online"
"C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\\Documents and Settings\\martina\\Plocha\\red-alert2-portable\\red-alert2-portable\\GAME.EXE"="C:\\Documents and Settings\\martina\\Plocha\\red-alert2-portable\\red-alert2-portable\\GAME.EXE:*:Enabled:Main executable for Red Alert 2"
"I:\\UnrealTournament\\System\\UnrealTournament.exe"="I:\\UnrealTournament\\System\\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version9\\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe"="C:\\Program Files\\TeamViewer\\Version9\\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgnsx.exe:*:Enabled:Online Shield"
"C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe"="C:\\Program Files\\AVG\\AVG2014\\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

# AdwCleaner v3.305 - Report created 15/08/2014 at 10:15:14
# Updated 14/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : martina - MARTINA-NOTAS
# Running from : C:\Documents and Settings\martina\Plocha\adwcleaner_3.305.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Documents and Settings\All Users\Dokumenty\AlawarWrapper
Folder Deleted : C:\Documents and Settings\martina\Local Settings\Data aplikací\Mobogenie
Folder Deleted : C:\Documents and Settings\martina\Data aplikací\Systweak
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\Documents and Settings\martina\daemonprocess.txt
File Deleted : C:\DOCUME~1\martina\LOCALS~1\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\prefs.js ]


-\\ Google Chrome v36.0.1985.143

[ File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

[ File : C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.tfa-czech.cz/?page=websearch&srchtext={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [6122 octets] - [15/08/2014 10:12:04]
AdwCleaner[S0].txt - [6185 octets] - [15/08/2014 10:15:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6245 octets] ##########

Udelejte !!!kompletni!!! kontrolu s MBAM http://www.bleepingcomputer.com/downloa ... re/dl/241/ (musite stahnout verzi 1.75, odmitnout upgrade a aktualizovat jen virovou databazi) a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce. Navod zde http://forum.viry.cz/viewtopic.php?f=29&t=115222

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.08.16.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
martina :: MARTINA-NOTAS [administrátor]

Ochrana: Povolena

16.8.2014 7:28:52
MBAM-log-2014-08-16 (10-32-59).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 472613
Uplynulý čas: 1 hodin, 40 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Documents and Settings\martina\Dokumenty\PROGRAMY A HRY\EA Games\The Sims 2 DVD Nemusí být Crack\Key pro všechny THE sims I datadisky\fff-ea125.exe (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\martina\Local Settings\Temp\Mobogenie_INT.exe (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

(konec)

Nalezy nechte odstranit, pak MBAM odinstalujte.


Dejte novy log z RSIT

je potřeba znovu nechat skoro 2 hodiny prohledávat nebo se ten log dá nějak otevřít?

Northend píše:je potřeba znovu nechat skoro 2 hodiny prohledávat nebo se ten log dá nějak otevřít?

Pokud jste program zavrel, musite udelat novy test.

Logfile of random's system information tool 1.10 (written by random/random)
Run by martina at 2014-08-21 23:48:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 47 GB (21%) free of 228 GB
Total RAM: 1976 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:49:01, on 21.8.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\SafeQ\SafeQ_cli.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\SCIA\crack\Flexlm\SCIA.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\martina\Plocha\RSIT.exe
C:\Program Files\trend micro\martina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SafeQClient] C:\Program Files\SafeQ\SafeQ_cli.exe
O4 - HKLM\..\Run: [Bonus.SSR.FR11] "C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Dropbox.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca411a4416cfc2) (gupdate1ca411a4416cfc2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nexis 3.5 license server - dT 2004 - Macrovision Corporation - C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe

--
End of file - 9728 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job - C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-09-22 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-09-22 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-04-04 1044480]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-06-05 170520]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-18 178712]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-27 1040384]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2014-08-11 5187088]
"SafeQClient"=C:\Program Files\SafeQ\SafeQ_cli.exe [2012-11-21 474624]
"Bonus.SSR.FR11"=C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2013-06-28 1364496]
"Cisco AnyConnect Secure Mobility Agent for Windows"=C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2013-12-13 707472]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-10-27 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17148552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bitmeter2.lnk]
C:\DOCUME~1\martina\DOKUME~1\PROGRA~1\BitMeter\BITMET~1.EXE [2010-01-24 1462272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^martina^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-08-29 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-05-21 212992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\GetWare\WebCam Live\WebCam.exe"="C:\Program Files\GetWare\WebCam Live\WebCam.exe:*:Enabled:WebCam Live"
"C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk"
"C:\flexlm\nexis\lmgrd.exe"="C:\flexlm\nexis\lmgrd.exe:*:Enabled:lmgrd"
"C:\flexlm\nexis\scia.exe"="C:\flexlm\nexis\scia.exe:*:Enabled:scia"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe"="C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe:*:Enabled:ZunTzu"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe"="C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe:*:Enabled:Colin McRae Rally 2"
"C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe"="C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application"
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe"="C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe:*:Enabled:TV Online"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe"="C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe:*:Enabled:TV Online"
"C:\Program Files\AVG\AVG2013\avgmfapx.exe"="C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer"
"C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE"="C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE:*:Enabled:Main executable for Red Alert 2"
"I:\UnrealTournament\System\UnrealTournament.exe"="I:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\AVG\AVG2014\avgnsx.exe"="C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield"
"C:\Program Files\AVG\AVG2014\avgdiagex.exe"="C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014"
"C:\Program Files\AVG\AVG2014\avgmfapx.exe"="C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.yv12"=yv12vfw.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-08-21 23:48:55 ----D---- C:\rsit
2014-08-17 20:05:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Caphyon
2014-08-17 20:05:46 ----SHD---- C:\WINDOWS\system32\AI_RecycleBin
2014-08-17 20:05:42 ----D---- C:\Program Files\TV Online
2014-08-17 20:05:17 ----D---- C:\Documents and Settings\martina\Data aplikací\TV Online
2014-08-16 07:25:14 ----D---- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
2014-08-16 07:24:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-08-15 10:12:03 ----D---- C:\AdwCleaner
2014-08-14 20:19:39 ----D---- C:\FRST
2014-08-06 15:37:16 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-08-21 23:49:01 ----D---- C:\WINDOWS\Prefetch
2014-08-21 23:48:58 ----D---- C:\Program Files\trend micro
2014-08-21 23:48:57 ----D---- C:\WINDOWS\system32\CatRoot2
2014-08-21 23:47:33 ----D---- C:\WINDOWS\Temp
2014-08-21 23:44:52 ----D---- C:\Program Files
2014-08-21 23:43:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-08-21 23:42:39 ----D---- C:\WINDOWS\system32\drivers
2014-08-21 21:24:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2014-08-21 21:21:42 ----D---- C:\Documents and Settings\martina\Data aplikací\Dropbox
2014-08-20 23:05:26 ----A---- C:\debugoutput.txt
2014-08-20 22:41:35 ----D---- C:\WINDOWS\Minidump
2014-08-20 22:41:35 ----D---- C:\WINDOWS
2014-08-19 22:03:33 ----D---- C:\Documents and Settings\martina\Data aplikací\vlc
2014-08-19 08:56:54 ----HD---- C:\WINDOWS\inf
2014-08-17 20:12:31 ----SHD---- C:\WINDOWS\Installer
2014-08-17 20:05:46 ----D---- C:\WINDOWS\system32
2014-08-17 19:55:53 ----D---- C:\Documents and Settings\martina\Data aplikací\XnView
2014-08-16 03:04:21 ----D---- C:\WINDOWS\system32\MRT
2014-08-16 03:00:33 ----D---- C:\WINDOWS\Debug
2014-08-16 03:00:26 ----A---- C:\WINDOWS\system32\MRT.exe
2014-08-15 10:22:05 ----D---- C:\Documents and Settings\martina\Data aplikací\Skype
2014-08-15 10:15:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2014-08-15 10:08:29 ----A---- C:\WINDOWS\WDICT32.INI
2014-08-14 20:00:00 ----HD---- C:\Program Files\InstallShield Installation Information
2014-08-14 20:00:00 ----D---- C:\WINDOWS\twain_32
2014-08-14 20:00:00 ----A---- C:\WINDOWS\win.ini
2014-08-14 19:59:58 ----D---- C:\Program Files\Common Files
2014-08-14 19:59:39 ----RSD---- C:\WINDOWS\assembly
2014-08-14 19:59:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\KB Piano
2014-08-14 19:58:31 ----D---- C:\NEXIS32
2014-08-14 19:56:17 ----D---- C:\Program Files\Hewlett-Packard
2014-08-14 19:56:07 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-08-14 19:54:05 ----D---- C:\Program Files\Google
2014-08-14 19:54:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2014-08-14 19:52:16 ----D---- C:\WINDOWS\WinSxS
2014-08-14 19:48:11 ----RSD---- C:\WINDOWS\Fonts
2014-08-14 19:47:12 ----D---- C:\Program Files\DivX
2014-08-14 19:45:50 ----D---- C:\WINDOWS\pss
2014-08-14 19:45:45 ----D---- C:\Program Files\Common Files\Autodesk Shared
2014-08-07 18:56:59 ----D---- C:\Program Files\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 AvgMfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 hpdskflt;HP Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2008-05-23 24624]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 SFAUDIO;Sonic Focus DSP Driver; C:\WINDOWS\system32\drivers\sfaudio.sys [2008-03-28 24064]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-12 691696]
R1 Avgdiskx;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-30 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; C:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-06-17 190232]
R1 AVGIDSShim;AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 AvgLdx86;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 AvgTdiX;AVG TDI Driver; C:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2012-02-29 165376]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2012-02-29 18048]
R3 Accelerometer;HP Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2008-05-23 28592]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-11 338944]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-04-03 74688]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-05-21 6018464]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw5x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-04-28 3626112]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-04-10 1804160]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-27 224672]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2008-04-04 296320]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 acsint;acsint; C:\WINDOWS\system32\DRIVERS\acsint.sys [2013-12-13 40304]
S3 acsmux;acsmux; C:\WINDOWS\system32\DRIVERS\acsmux.sys [2013-12-13 58736]
S3 aj4m13s6;aj4m13s6; C:\WINDOWS\system32\drivers\aj4m13s6.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-07-23 112640]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102528]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-07-23 100480]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
S3 SCR3XX2K;SCR3xx USB SmartCardReader; C:\WINDOWS\system32\DRIVERS\SCR3XX2K.sys [2007-06-21 56448]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-17 60160]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 vpnva;Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys [2013-12-13 23976]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2007-12-11 12800]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2014-08-11 3244048]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2014-08-11 289328]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2001-04-06 32256]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-18 354840]
R2 Nexis 3.5 license server - dT 2004;Nexis 3.5 license server - dT 2004; C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe [2008-04-02 974848]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-12-13 560528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca411a4416cfc2;Služba Google Update (gupdate1ca411a4416cfc2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-29 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-08-29 85096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-09-27 1044816]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-29 133104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-08-06 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Jeste jeden sken a budeme mazat.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL logfile created on: 23.8.2014 7:26:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\martina\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 46,66% Memory free
3,78 Gb Paging File | 2,82 Gb Available in Paging File | 74,63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 45,71 Gb Free Space | 20,51% Space Free | Partition Type: NTFS
Drive D: | 1021,00 Mb Total Space | 1018,45 Mb Free Space | 99,75% Space Free | Partition Type: FAT32
Drive E: | 9,00 Gb Total Space | 2,25 Gb Free Space | 25,04% Space Free | Partition Type: NTFS

Computer Name: MARTINA-NOTAS | User Name: martina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.08.23 07:26:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martina\Plocha\OTL.exe
PRC - [2014.08.11 14:51:18 | 006,018,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgmfapx.exe
PRC - [2014.08.11 14:51:00 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgidsagent.exe
PRC - [2014.08.11 14:49:02 | 000,846,864 | ---- | M] (AVG Technologies CZ, s.r.o.) -- c:\Program Files\AVG\AVG2014\avgrsx.exe
PRC - [2014.08.11 14:45:50 | 000,643,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgcsrvx.exe
PRC - [2014.08.11 14:42:36 | 000,838,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgnsx.exe
PRC - [2014.08.11 14:42:34 | 005,187,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgui.exe
PRC - [2014.08.11 14:36:28 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.08.07 05:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014.08.06 11:34:34 | 013,246,272 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.08.06 11:21:00 | 000,229,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2013.12.13 00:36:27 | 000,707,472 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
PRC - [2013.12.13 00:36:11 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2012.11.21 15:10:58 | 000,474,624 | ---- | M] (VŠB-TU Ostrava) -- C:\Program Files\SafeQ\SafeQ_cli.exe
PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2008.04.18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE
PRC - [2008.04.18 15:53:58 | 000,178,712 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.02 03:59:22 | 000,983,040 | ---- | M] () -- C:\Program Files\SCIA\crack\Flexlm\Scia.exe
PRC - [2008.04.02 03:59:00 | 000,974,848 | ---- | M] (Macrovision Corporation) -- C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe
PRC - [2007.12.11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe
PRC - [2007.01.01 23:22:02 | 003,739,648 | ---- | M] (Google) -- C:\Program Files\Google\Google Talk\googletalk.exe
PRC - [2001.04.06 23:24:54 | 000,032,256 | ---- | M] (C-Dilla Ltd) -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE


========== Modules (No Company Name) ==========

MOD - [2014.08.07 05:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014.08.07 05:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014.08.07 05:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014.02.13 18:00:30 | 001,227,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\f0ac0cd2869df90f5e17a0b7c6b74edd\System.WorkflowServices.ni.dll
MOD - [2014.02.13 17:59:54 | 000,369,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\852c0f070c5082dab030093f84338d4a\System.ServiceModel.Routing.ni.dll
MOD - [2014.02.13 17:59:53 | 001,142,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b1c2fed4762d90f6c2033afeb1a72b9d\System.ServiceModel.Discovery.ni.dll
MOD - [2014.02.13 17:59:51 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4c1b5f3e49f0e1335e106967fa4a4217\System.ServiceModel.Channels.ni.dll
MOD - [2014.02.13 17:59:33 | 001,393,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\8fccede33dc07b2f991fe02f20786f52\System.ServiceModel.Activities.ni.dll
MOD - [2014.02.13 17:59:29 | 001,079,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\fe7c09c37b8b39bd894d6a225f9ca01b\System.IdentityModel.ni.dll
MOD - [2014.02.13 17:59:27 | 018,109,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\dd733c6f1f9f50f3517d48da5bea80d2\System.ServiceModel.ni.dll
MOD - [2014.02.13 17:59:10 | 001,077,760 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\159b704e66dfb471d05dbb6d82224541\System.ServiceModel.Web.ni.dll
MOD - [2014.02.13 17:57:33 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2e3fdae8546832614633495638bef8d0\System.ServiceProcess.ni.dll
MOD - [2014.02.13 17:57:29 | 001,926,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\db11fb89ce47f21fbc956c88286288dc\System.Web.Services.ni.dll
MOD - [2014.02.13 17:57:15 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\6a5f031a28c774f1163af0715c3a6097\System.EnterpriseServices.ni.dll
MOD - [2014.02.13 17:57:15 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\6a5f031a28c774f1163af0715c3a6097\System.EnterpriseServices.Wrapper.dll
MOD - [2014.02.13 17:57:14 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\fc7255cccb69c45a808b3d7e6abf55c5\System.Transactions.ni.dll
MOD - [2014.02.13 17:57:13 | 001,021,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\469dd20488c4a9606abe21189a3c1ab9\System.Runtime.DurableInstancing.ni.dll
MOD - [2014.02.13 17:57:12 | 002,658,304 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
MOD - [2014.02.13 17:57:12 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\27bdc6196968e44234654e30e1028750\SMDiagnostics.ni.dll
MOD - [2014.02.13 16:24:03 | 006,813,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\b5f67ff59d386021c43b1ee400c00feb\System.Data.ni.dll
MOD - [2014.02.13 16:23:42 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\243ff1822abc8282cb8fee37538170b4\System.Drawing.ni.dll
MOD - [2014.02.13 16:23:39 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\a4b5a1a06d2d7f77258943c8c228a5e0\System.Core.ni.dll
MOD - [2014.02.13 16:23:35 | 001,014,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\991c4e11f571a4074b9c4a5841222338\System.Configuration.ni.dll
MOD - [2014.02.13 16:23:33 | 005,628,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\850fa7110c7423c324762c1ad3130219\System.Xml.ni.dll
MOD - [2014.02.13 16:23:26 | 009,099,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\4c906eb82e6f56aea01b2a7291fab7ea\System.ni.dll
MOD - [2014.02.13 16:23:15 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\4e62d1d9b7dd2c2d14915abb73c22d50\mscorlib.ni.dll
MOD - [2013.12.13 00:36:58 | 000,063,376 | ---- | M] () -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2008.10.11 22:18:46 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.02 03:59:22 | 000,983,040 | ---- | M] () -- C:\Program Files\SCIA\crack\Flexlm\Scia.exe


========== Services (SafeList) ==========

SRV - [2014.08.11 14:51:00 | 003,244,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.08.11 14:36:28 | 000,289,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.08.06 15:37:36 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.08.06 11:34:34 | 005,052,224 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2013.12.13 00:36:11 | 000,560,528 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013.09.27 07:32:04 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2009.08.29 12:53:20 | 000,085,096 | ---- | M] (Autodesk) [On_Demand | Stopped] -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2008.04.18 15:54:02 | 000,354,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE -- (IAANTMON)
SRV - [2008.04.02 03:59:00 | 000,974,848 | ---- | M] (Macrovision Corporation) [Auto | Running] -- C:\Program Files\SCIA\crack\Flexlm\Lmgrd.exe -- (Nexis 3.5 license server - dT 2004)
SRV - [2007.12.11 12:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2001.04.06 23:24:54 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snpstd3.sys -- (SNPSTD3)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0nfq9xo)
DRV - [2014.06.30 12:43:12 | 000,121,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgdiskx.sys -- (Avgdiskx)
DRV - [2014.06.17 16:22:02 | 000,188,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2014.06.17 16:21:22 | 000,197,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2014.06.17 16:18:00 | 000,241,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2014.06.17 16:17:58 | 000,147,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2014.06.17 16:17:56 | 000,190,232 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverlx.sys -- (AVGIDSDriverl)
DRV - [2014.06.17 16:06:24 | 000,098,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2014.06.17 16:06:20 | 000,021,272 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.12.13 00:18:30 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2013.12.13 00:14:30 | 000,058,736 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
DRV - [2013.12.13 00:14:30 | 000,040,304 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
DRV - [2012.02.29 22:21:17 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2012.02.29 22:21:16 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.08.17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.12 14:39:14 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.23 11:57:22 | 000,112,640 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.07.23 11:57:22 | 000,102,528 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.23 11:57:22 | 000,100,480 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2008.05.23 13:51:02 | 000,024,624 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008.05.23 13:50:16 | 000,028,592 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.04.28 06:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008.04.10 17:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2008.04.04 10:57:00 | 000,296,320 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2008.04.03 18:40:44 | 000,074,688 | R--- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2008.03.28 12:14:02 | 000,024,064 | R--- | M] (Sonic Focus, Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfaudio.sys -- (SFAUDIO)
DRV - [2008.02.29 16:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2007.06.21 04:40:02 | 000,056,448 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys -- (SCR3XX2K)
DRV - [2007.06.18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2005.09.19 14:24:20 | 000,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2005.09.19 14:24:10 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2005.09.19 14:23:52 | 000,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2001.04.06 23:24:54 | 000,056,592 | ---- | M] (Macrovision) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CDANT.SYS -- (C-Dilla)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE8HP&PC=B8MC
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?rlz=1W4CHBA_csCZ566
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... PB_csCZ382
IE - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Documents and Settings\martina\Data aplikací\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014.01.30 12:19:43 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Extensions
[2014.08.06 14:40:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\extensions
[2014.03.06 15:33:36 | 000,281,800 | ---- | M] () (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2014.04.04 12:04:38 | 000,957,290 | ---- | M] () (No name found) -- C:\Documents and Settings\martina\Data aplikací\Mozilla\Firefox\Profiles\n6t5a4n4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.08.06 15:37:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014.08.06 15:37:40 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\MARTINA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\N6T5A4N4.DEFAULT\EXTENSIONS\{64161300-E22B-11DB-8314-0800200C9A66}.XPI

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: HD for YouTube™ = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf\1.7_0\
CHR - Extension: Angry Birds = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Dokumenty Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Disk Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: YouTube = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Bounceball = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\bnonnffemhpfblohaicmfmofbfaaoobf\1.1_0\
CHR - Extension: Adblock Plus = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: VyhledávánĂ­ Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Balloono = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fmggmlpijnjmhdekfigfbkookpdfodhf\1.4_0\
CHR - Extension: Mail Checker Plus for Google Mail™ = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.4.0_0\
CHR - Extension: Grass = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\mmiboiefncpfjihjdedpaoammipkilla\1.0_0\
CHR - Extension: Peněženka Google = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Short url using official goo.gl api = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\phncbknmjfhhegegchdflhepkoibbbie\1.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.01.28 13:16:37 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Bonus.SSR.FR11] C:\Program Files\ABBYY FineReader 11\Bonus.ScreenshotReader.exe (ABBYY Production LLC)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [SafeQClient] C:\Program Files\SafeQ\SafeQ_cli.exe (VŠB-TU Ostrava)
O4 - Startup: C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění\Dropbox.lnk = C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDC72966-44E1-439C-8521-4A95E99DBCD6}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\martina\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\martina\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.29 10:19:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{22aedc18-6290-11e0-b980-00248167d4db}\Shell - "" = AutoRun
O33 - MountPoints2\{22aedc18-6290-11e0-b980-00248167d4db}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3528fea7-0409-11df-b71c-00248167d4db}\Shell\AutoRun\command - "" = G:\Toshiba\Launcher\start.exe
O33 - MountPoints2\{41af6ca6-61bd-11e0-b97f-000000000000}\Shell - "" = AutoRun
O33 - MountPoints2\{41af6ca6-61bd-11e0-b97f-000000000000}\Shell\AutoRun\command - "" = I:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a7f144fc-cf10-11df-b84f-00248167d4db}\Shell - "" = AutoRun
O33 - MountPoints2\{a7f144fc-cf10-11df-b84f-00248167d4db}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.divxa32 - C:\WINDOWS\System32\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.08.23 07:26:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\martina\Plocha\OTL.exe
[2014.08.21 23:48:55 | 000,000,000 | ---D | C] -- C:\rsit
[2014.08.21 23:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Plocha\FRST-OlderVersion
[2014.08.17 20:05:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2014.08.17 20:05:46 | 000,000,000 | -HSD | C] -- C:\WINDOWS\System32\AI_RecycleBin
[2014.08.17 20:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\TV Online
[2014.08.17 20:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TV Online
[2014.08.17 20:05:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Data aplikací\TV Online
[2014.08.17 11:44:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Plocha\fotbal
[2014.08.16 07:25:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
[2014.08.16 07:24:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2014.08.16 07:23:57 | 010,284,816 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe
[2014.08.15 10:36:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TeamViewer 9
[2014.08.15 10:12:03 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.14 20:19:39 | 000,000,000 | ---D | C] -- C:\FRST
[2014.08.14 20:16:41 | 001,094,144 | ---- | C] (Farbar) -- C:\Documents and Settings\martina\Plocha\FRST.exe
[2014.08.14 20:13:02 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\martina\Recent
[2014.08.06 15:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[18 C:\Documents and Settings\martina\Dokumenty\*.tmp files -> C:\Documents and Settings\martina\Dokumenty\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.08.23 07:29:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.08.23 07:26:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\martina\Plocha\OTL.exe
[2014.08.23 07:24:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.08.23 07:22:15 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.08.23 07:22:14 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.08.23 07:22:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.08.21 23:48:49 | 001,107,968 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\RSIT.exe
[2014.08.21 23:47:47 | 001,094,144 | ---- | M] (Farbar) -- C:\Documents and Settings\martina\Plocha\FRST.exe
[2014.08.21 23:37:00 | 000,001,034 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
[2014.08.21 22:54:02 | 000,000,942 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.08.19 22:01:46 | 000,118,371 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.srt
[2014.08.17 20:12:30 | 000,000,832 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TV Online.lnk
[2014.08.17 20:05:07 | 000,132,608 | ---- | M] () -- C:\Documents and Settings\martina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014.08.17 19:12:07 | 1001,971,712 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Robocop.avi
[2014.08.17 12:19:10 | 1207,363,584 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Amazing.Spider.Man.II.avi
[2014.08.17 12:18:57 | 1150,111,904 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.avi
[2014.08.16 08:37:04 | 000,000,982 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
[2014.08.16 07:24:32 | 010,284,816 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe
[2014.08.15 12:51:31 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\AVG 2014.lnk
[2014.08.15 10:36:16 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 9.lnk
[2014.08.15 10:11:52 | 001,356,107 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\adwcleaner_3.305.exe
[2014.08.15 10:08:29 | 000,002,724 | ---- | M] () -- C:\WINDOWS\WDICT32.INI
[2014.08.15 10:05:55 | 000,001,017 | ---- | M] () -- C:\Documents and Settings\martina\Nabídka Start\Programy\Po spuštění\Dropbox.lnk
[2014.08.15 10:05:35 | 000,000,999 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\Dropbox.lnk
[2014.08.15 10:00:42 | 002,219,552 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014.08.14 20:06:23 | 000,000,290 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
[2014.08.14 20:06:10 | 000,000,788 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
[2014.08.14 20:05:45 | 000,001,710 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
[2014.08.14 20:05:29 | 000,083,942 | ---- | M] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
[2014.08.14 19:58:38 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2014.08.08 15:00:00 | 000,000,220 | ---- | M] () -- C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.08.01 18:44:13 | 002,148,182 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5800u.jpg
[2014.08.01 18:41:40 | 002,206,453 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5799u.jpg
[2014.07.25 21:33:10 | 006,842,270 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5800.JPG
[2014.07.25 21:32:52 | 006,743,135 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\DSC_5799.JPG
[2014.07.25 15:47:50 | 008,143,775 | ---- | M] () -- C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
[18 C:\Documents and Settings\martina\Dokumenty\*.tmp files -> C:\Documents and Settings\martina\Dokumenty\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.08.21 23:48:49 | 001,107,968 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\RSIT.exe
[2014.08.19 22:01:37 | 000,118,371 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.srt
[2014.08.17 20:05:45 | 000,000,832 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TV Online.lnk
[2014.08.17 19:06:26 | 1001,971,712 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Robocop.avi
[2014.08.17 11:58:12 | 1150,111,904 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Her-ONA.2013.DVDSCR.XviD.MP3-RARBG.avi
[2014.08.17 11:57:42 | 1207,363,584 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\Amazing.Spider.Man.II.avi
[2014.08.15 10:11:51 | 001,356,107 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\adwcleaner_3.305.exe
[2014.08.14 20:06:22 | 000,000,290 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200621.reg
[2014.08.14 20:06:09 | 000,000,788 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200608.reg
[2014.08.14 20:05:44 | 000,001,710 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200543.reg
[2014.08.14 20:05:28 | 000,083,942 | ---- | C] () -- C:\Documents and Settings\martina\Dokumenty\cc_20140814_200525.reg
[2014.08.01 18:44:10 | 002,148,182 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5800u.jpg
[2014.08.01 18:43:36 | 006,842,270 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5800.JPG
[2014.08.01 18:41:09 | 002,206,453 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5799u.jpg
[2014.08.01 18:40:32 | 006,743,135 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\DSC_5799.JPG
[2014.07.25 16:50:10 | 008,143,775 | ---- | C] () -- C:\Documents and Settings\martina\Plocha\MOVIE.mpeg
[2014.06.03 12:29:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.04.27 15:53:07 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\martina\Data aplikací\Adobe Formát PNG CS5 – předvolby
[2013.12.08 00:38:36 | 000,234,680 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2013.09.27 08:18:00 | 001,846,068 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-1844237615-2077806209-839522115-1003-0.dat
[2013.09.27 08:17:59 | 000,399,718 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2013.09.27 07:32:25 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2013.02.18 22:30:55 | 000,000,047 | ---- | C] () -- C:\WINDOWS\ODA.INI
[2013.02.18 22:30:18 | 000,000,044 | ---- | C] () -- C:\WINDOWS\Esa.INI
[2013.02.18 22:25:13 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\vc8-re200l.dll
[2013.02.18 22:25:10 | 002,383,872 | ---- | C] () -- C:\WINDOWS\System32\csgas.dll
[2013.02.18 22:25:08 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\CadsPCP8r.dll
[2013.02.18 22:25:03 | 000,015,840 | ---- | C] () -- C:\WINDOWS\System32\Machnm1.exe
[2012.12.27 14:13:37 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\martina\Data aplikací\Adobe Formát GIF CS5 – předvolby
[2011.04.07 06:42:09 | 000,003,690 | ---- | C] () -- C:\Documents and Settings\martina\.jmf-resource
[2009.08.30 07:12:17 | 000,132,608 | ---- | C] () -- C:\Documents and Settings\martina\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.08.29 10:57:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 05:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 05:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010.01.05 15:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\2DBoy
[2011.02.13 09:59:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AdventureChronicles1
[2013.09.27 08:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2013.09.29 19:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2014
[2011.11.03 21:46:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AWEM
[2011.11.07 20:12:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Bitmeter2
[2013.02.18 22:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CADS
[2014.08.17 20:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Caphyon
[2014.03.05 11:57:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Cisco
[2013.03.26 20:19:31 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2009.12.12 14:38:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.04.08 13:09:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EscapeTheMuseum
[2011.11.05 12:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Farm Fishes
[2010.11.30 18:26:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FarmFrenzy2
[2014.02.06 18:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileOpen
[2014.08.15 10:15:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2014.08.14 19:59:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\KB Piano
[2014.08.23 07:28:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2009.11.24 23:26:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NFS Underground Demo
[2011.11.07 20:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2011.03.05 12:31:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Princess Isabella
[2011.06.08 17:48:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2011.11.21 19:40:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.01.28 15:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Vodafone
[2013.03.26 20:29:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Data aplikací\TuneUp Software
[2011.04.11 12:55:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Vodafone
[2012.08.10 11:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Alawar
[2011.02.11 20:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Atari
[2013.09.27 08:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Autodesk
[2013.09.29 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\AVG2014
[2010.04.05 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Bitmeter2
[2012.08.16 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Boolat Games
[2013.02.18 22:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\CADS
[2013.12.10 17:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\DAEMON Tools Lite
[2014.08.21 21:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Dropbox
[2014.02.06 18:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FileOpen
[2013.06.07 14:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FlvtoConverter
[2011.04.06 15:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\GetWare
[2011.11.07 20:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Nokia
[2011.11.07 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\PC Suite
[2014.06.01 09:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TeamViewer
[2009.12.10 14:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Thinstall
[2013.03.26 20:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TuneUp Software
[2014.08.17 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TV Online
[2010.10.29 10:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\VitySoft
[2011.04.11 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Vodafone
[2014.08.17 19:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\XnView
[2013.12.07 23:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.08.29 10:17:25 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.08.29 10:22:49 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.02.28 19:00:00 | 000,000,982 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job
[2012.02.28 19:00:00 | 000,001,034 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job
[2012.08.24 18:52:31 | 000,000,938 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.24 18:52:31 | 000,000,942 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2014.03.27 19:34:51 | 000,000,220 | ---- | C] () -- C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
[2014.03.27 19:34:51 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job

< >

< MD5 for: AGP440.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.02 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2006.03.02 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2010.06.11 02:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2006.03.02 14:00:00 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2006.03.02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\$NtServicePackUninstall$\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\ServicePackFiles\i386\cryptsvc.dll
[2008.04.14 05:21:38 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 05:21:41 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
[2006.03.02 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2006.03.02 14:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:28 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\HAL.DLL
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2005.09.29 01:35:25 | 000,134,272 | ---- | M] (Microsoft Corporation) MD5=A3961B9456DE472D2F152C9DE950FFA5 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2006.03.02 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtUninstallKB896256$\hal.dll

< MD5 for: CHANGER.SYS >
[2006.03.02 14:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:Changer.sys
[2008.04.13 20:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\ServicePackFiles\i386\changer.sys

< MD5 for: IASTOR.SYS >
[2008.04.15 19:54:16 | 000,388,120 | R--- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IASTOR.SYS
[2008.04.15 19:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IASTOR.SYS
[2008.04.15 19:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\drivers\iaStor.sys
[2008.04.15 19:53:44 | 000,312,344 | R--- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\DRVSTORE\IAAHCI_E7EB69FF3449D216602D0D37A1D73969621673A9\iaStor.sys
[2008.04.16 00:53:44 | 000,312,344 | ---- | M] (Intel Corporation) MD5=DB0CC620B27A928D968C1A1E9CD9CB87 -- C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\iaStor.sys

< MD5 for: ISAPNP.SYS >
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2009.11.26 22:43:20 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\$NtServicePackUninstall$\isapnp.sys
[2001.10.24 11:44:12 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\ServicePackFiles\i386\isapnp.sys
[2008.04.14 04:27:53 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2006.03.02 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2008.04.14 05:22:29 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2008.04.13 21:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
[2006.03.02 14:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\$NtUninstallKB912436$\ndis.sys
[2006.01.10 03:01:06 | 000,182,528 | ---- | M] (Microsoft Corporation) MD5=AA898F84D2B59129FB92E143A2C73434 -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.02.06 20:47:20 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=1F43B8C0F4C767FBED89711C30E704D9 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2006.03.02 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 05:21:50 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2006.03.02 14:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2006.03.02 14:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2008.04.14 05:22:47 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2006.03.02 14:00:00 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2006.03.02 14:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2006.03.02 14:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2006.03.02 14:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2008.04.14 05:22:06 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[14 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp files -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\*.tmp -> ]
[1 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.01.23 17:48:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\ABBYY
[2011.06.08 17:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Adobe
[2009.08.29 13:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\AdobeUM
[2012.08.10 11:41:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Alawar
[2011.02.11 20:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Atari
[2013.09.27 08:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Autodesk
[2013.09.29 19:56:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\AVG2014
[2010.04.05 19:24:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Bitmeter2
[2012.08.16 19:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Boolat Games
[2013.02.18 22:25:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\CADS
[2013.12.10 17:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\DAEMON Tools Lite
[2014.08.21 21:21:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Dropbox
[2013.06.25 17:24:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\dvdcss
[2009.08.29 16:19:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FastStone
[2014.02.06 18:13:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FileOpen
[2010.10.03 19:15:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FLEXnet
[2013.06.07 14:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\FlvtoConverter
[2011.04.06 15:53:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\GetWare
[2013.01.07 14:54:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Google
[2010.11.08 11:27:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\GRETECH
[2010.01.15 10:28:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Help
[2014.08.23 07:38:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\hpqLog
[2009.08.29 10:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Identities
[2009.08.29 10:41:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\InstallShield
[2011.11.05 20:31:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Macromedia
[2014.08.16 07:25:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Malwarebytes
[2014.02.02 10:32:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\martina\Data aplikací\Microsoft
[2014.06.15 19:33:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Mozilla
[2011.11.07 20:06:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Nokia
[2011.11.07 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\PC Suite
[2010.12.14 23:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Real
[2014.08.15 10:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Skype
[2011.08.15 09:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\skypePM
[2010.04.11 16:18:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Sun
[2014.06.01 09:47:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TeamViewer
[2009.12.10 14:46:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Thinstall
[2013.03.26 20:21:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TuneUp Software
[2014.08.17 20:05:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\TV Online
[2010.10.29 10:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\VitySoft
[2014.08.19 22:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\vlc
[2011.04.11 12:59:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\Vodafone
[2009.08.29 11:18:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\WinRAR
[2011.03.20 12:58:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\WTablet
[2014.08.17 19:55:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\martina\Data aplikací\XnView

< %APPDATA%\*.exe /s >
[2014.07.30 02:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe
[2014.07.30 02:25:24 | 000,262,160 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxUninstaller.exe
[2014.07.30 02:22:12 | 000,225,224 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\DropboxUpdateHelper.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Documents and Settings\martina\Data aplikací\GRETECH\GomPlayer\GrLauncher.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.12.12 14:39:14 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.08.29 12:07:23 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.08.29 12:07:23 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.08.29 12:07:23 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.08.23 07:24:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.10.27 09:38:17 | 000,136,176 | ---- | M] (Google Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.08.23 07:29:40 | 000,000,512 | ---- | M] () MD5=4DEE96AAFE4344473647C569780025D3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.02.20 00:40:38 | 000,388,993 | ---- | M] () -- \Documents and Settings\martina\Dokumenty\Downloads\Nexis-3.60.15-cz-FULL\Nexis 3.60.15 cz FULL\crack_3.60.15\crack.zip
[2009.02.18 10:25:22 | 000,000,774 | ---- | M] () -- \Documents and Settings\martina\Dokumenty\Downloads\Scia-Engineer\Scia Engineer\Navod scia engineer crack.txt
[2001.08.14 19:31:08 | 000,030,054 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\Inventor Server\Textures\surfaces\Cracks.bmp
[2008.04.02 15:26:50 | 000,001,602 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\BasicResults-EP_PropertyConcretePrestressStupenBezpecnostiCrack [default].otx
[2008.04.02 15:26:50 | 000,001,602 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\BasicResults-EP_ResPropertyMacro2DCrack [default].otx
[2008.04.02 15:26:50 | 000,001,642 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\BasicResults-EP_ResPropertyMacro2DReinforcement2D_CrackProof [default].otx
[2008.04.02 15:26:46 | 000,001,636 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete calc crack proof [cb-crack-short-NEN].otx
[2008.04.02 15:26:50 | 000,002,761 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete calc crack proof [default].otx
[2008.04.02 15:26:48 | 000,001,602 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete calc prestress crack proof [default].otx
[2008.04.02 15:26:42 | 000,007,394 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack As [brief].otx
[2008.04.02 15:26:50 | 000,008,636 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack As [default].otx
[2008.04.02 15:26:52 | 000,004,100 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack distance [Brief].otx
[2008.04.02 15:26:52 | 000,002,271 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack distance [cb-872b-short].otx
[2008.04.02 15:26:52 | 000,008,077 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack distance [default].otx
[2008.04.02 15:26:44 | 000,006,298 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack profile [Brief].otx
[2008.04.02 15:26:50 | 000,004,777 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack profile [cb-872a].otx
[2008.04.02 15:26:50 | 000,010,656 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack profile [default].otx
[2008.04.02 15:26:42 | 000,005,719 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack shear [default].otx
[2008.04.02 15:26:50 | 000,010,901 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack width [brief].otx
[2008.04.02 15:26:40 | 000,012,332 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete crack width [default].otx
[2008.04.02 15:26:44 | 000,004,215 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress checks crack resistance check [default].otx
[2008.04.02 15:26:46 | 000,004,243 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress checks crack resistance [default].otx
[2008.04.02 15:26:40 | 000,003,949 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress checks crack width check [default].otx
[2008.04.02 15:26:44 | 000,004,775 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack As [brief].otx
[2008.04.02 15:26:50 | 000,005,893 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack As [default].otx
[2008.04.02 15:26:52 | 000,003,966 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack checkline [default].otx
[2008.04.02 15:26:40 | 000,003,613 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack distance [brief].otx
[2008.04.02 15:26:50 | 000,006,292 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack distance [default].otx
[2008.04.02 15:26:44 | 000,004,136 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack distance [detailed].otx
[2008.04.02 15:26:42 | 000,005,057 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack profile [brief].otx
[2008.04.02 15:26:44 | 000,007,746 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack profile [default].otx
[2008.04.02 15:26:40 | 000,005,050 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack profile [detailed].otx
[2008.04.02 15:26:52 | 000,004,905 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack width [brief].otx
[2008.04.02 15:26:52 | 000,006,490 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\Concrete prestress crack width [default].otx
[2008.04.02 15:26:40 | 000,004,414 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\DataAddConcrete-MemberDataConcrete [Crack coefficients].otx
[2008.04.02 15:26:40 | 000,007,603 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\EP_Results-EP_ResMacro2DConcreteCrack2D [default].otx
[2010.05.02 18:13:34 | 000,003,861 | ---- | M] () -- \Program Files\Vitware\Word Manager\PicBank\crack.gif
[2010.05.02 18:11:14 | 000,014,024 | ---- | M] () -- \Program Files\Vitware\Word Manager\SndBank\crack.am.wav

< *keygen* /s >
[2000.10.30 10:32:48 | 000,025,088 | ---- | M] () -- \Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\Keygen.exe
[2000.11.01 04:13:38 | 000,002,293 | ---- | M] () -- \Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\keygen.nfo

< *AntiWPA* /s >

< *loader* /s >
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2008.02.25 06:42:48 | 000,012,800 | ---- | M] () -- \Documents and Settings\martina\Dokumenty\Downloads\tdp\Turbo Delphi Portable\Experts\DelphiSpeedUp\DelphiSpeedUpLoader10.bpl
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Documents and Settings\martina\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\skin\ajax-loader.gif
[2014.03.05 11:56:38 | 000,925,072 | ---- | M] () -- \Documents and Settings\martina\Local Settings\Temp\1A.tmp\vpndownloader.exe
[2008.02.25 05:42:48 | 000,012,800 | ---- | M] () -- \Documents and Settings\martina\Plocha\PLOCHA PROTŘÍDIT\Turbo Delphi Portable\Experts\DelphiSpeedUp\DelphiSpeedUpLoader10.bpl
[2007.01.31 09:07:46 | 000,027,752 | ---- | M] () -- \Program Files\AutoCAD 2008\AecLoader.arx
[2011.02.04 05:53:33 | 000,134,368 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AcAutoLoader.arx
[2011.03.15 14:58:23 | 000,010,568 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AcAutoLoaderRes.dll
[2011.02.04 05:52:48 | 000,328,416 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AdDownloaderCore.dll
[2011.01.17 18:09:50 | 000,024,456 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AecLoader.arx
[2010.11.24 07:35:32 | 000,003,208 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\AdExchange\loader.gif
[2013.09.27 07:33:43 | 000,000,390 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\Help\contexthelp\APPAUTOLOADER.htm
[2011.01.25 01:42:42 | 000,044,704 | ---- | M] () -- \Program Files\Autodesk\AutoCAD 2012 - Czech\Inventor Server\Bin\ClrAddinLoader.dll
[2013.12.13 00:36:21 | 000,925,072 | ---- | M] () -- \Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpndownloader.exe
[2013.12.13 00:36:21 | 000,925,072 | ---- | M] () -- \Program Files\Cisco\Cisco AnyConnect VPN Client\vpndownloader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2011.11.01 14:56:46 | 000,884,224 | ---- | M] () -- \Program Files\ShareRapid poker\Loader.exe
[2011.11.01 14:57:22 | 000,016,491 | ---- | M] () -- \Program Files\ShareRapid poker\Loader.ini
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2006.03.02 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2009.08.29 11:06:50 | 000,082,784 | ---- | M] () -- \WINDOWS\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >
[2008.04.02 15:26:52 | 000,002,130 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\EP_DSG_Elements-EP_StructNode [default].otx
[2008.04.02 15:26:52 | 000,002,943 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\EP_DSG_Elements-EP_StructNode [Detailed].otx
[2008.04.02 15:26:30 | 000,002,142 | ---- | M] () -- \Program Files\SCIA\Engineer2008\DocumentTemplates\xml\EP_DSG_Elements-EP_StructNode [default].otx

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2008.09.02 03:17:42 | 000,000,074 | ---- | M] () -- \Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\SERIAL.TXT
[2006.11.28 19:35:14 | 000,002,274 | ---- | M] () -- \Program Files\AutoCAD 2008\WebDepot\RTSerialNumberHelp.html
[2008.07.31 16:41:44 | 000,002,502 | ---- | M] () -- \Program Files\Common Files\Autodesk Shared\AdLM\R4\cs-CZ\Webdepot\RTSerialNumberHelp.html
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.05.02 18:10:24 | 000,016,950 | ---- | M] () -- \Program Files\Vitware\Word Manager\SndBank\serial.am.wav
[2010.05.02 18:11:02 | 000,017,368 | ---- | M] () -- \Program Files\Vitware\Word Manager\SndBank\serial.br.wav
[2006.03.02 14:00:00 | 000,064,640 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\serial.sys
[2009.08.29 12:48:12 | 000,011,776 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.13 16:19:02 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.01.11 00:47:07 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.13 16:17:03 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6c29ee2bedfe88dcd66993f1af135ad8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.13 16:14:55 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\9860da66bf0219612908e7412b0a6e2e\System.Runtime.Serialization.ni.dll
[2014.02.13 17:56:53 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\046c2851963b30d0e14194051c03de33\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.08.25 12:04:54 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.15 13:39:20 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b5faab90a38802d89ccf6f9ac4bff440\System.Runtime.Serialization.ni.dll
[2014.02.13 17:57:12 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\fa954900a6cf3a095efadfa4c683a32c\System.Runtime.Serialization.ni.dll
[2010.03.18 14:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.03.03 18:37:33 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.02.13 16:22:25 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.03.03 18:37:31 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2014.02.13 16:22:20 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 11:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2005.12.20 18:13:56 | 000,011,776 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.09.27 01:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 14:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 03:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 03:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 04:17:25 | 000,028,416 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\grserial.sys
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\serial.sys
[2007.06.27 14:59:02 | 000,131,072 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\system.runtime.serialization.formatters.soap.dll
[2006.03.02 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[2006.03.02 14:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2006.03.02 14:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 04:21:08 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71
@Alternate Data Stream - 100 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D

< End of report >

OTL Extras logfile created on: 23.8.2014 7:26:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\martina\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,93 Gb Total Physical Memory | 0,90 Gb Available Physical Memory | 46,66% Memory free
3,78 Gb Paging File | 2,82 Gb Available in Paging File | 74,63% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 45,71 Gb Free Space | 20,51% Space Free | Partition Type: NTFS
Drive D: | 1021,00 Mb Total Space | 1018,45 Mb Free Space | 99,75% Space Free | Partition Type: FAT32
Drive E: | 9,00 Gb Total Space | 2,25 Gb Free Space | 25,04% Space Free | Partition Type: NTFS

Computer Name: MARTINA-NOTAS | User Name: martina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Counter-Strike Source\hl2.exe" = C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe" = C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\GetWare\WebCam Live\WebCam.exe" = C:\Program Files\GetWare\WebCam Live\WebCam.exe:*:Enabled:WebCam Live
"C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\martina\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\martina\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin -- (Google)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\flexlm\nexis\lmgrd.exe" = C:\flexlm\nexis\lmgrd.exe:*:Enabled:lmgrd -- ()
"C:\flexlm\nexis\scia.exe" = C:\flexlm\nexis\scia.exe:*:Enabled:scia -- ()
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe" = C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\zunt..tion_bbfc02ea80687e07_0001.0002_92c6ed94d8eb2a07\ZunTzu.exe:*:Enabled:ZunTzu
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe" = C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2.exe:*:Enabled:Colin McRae Rally 2 -- (Codemasters Software Ltd)
"C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe" = C:\Program Files\Codemasters\Colin McRae Rally 04\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application -- (Codemasters Software)
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe" = C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_14272230c518e5a3_0001.0001_81871b05049e721a\TV Online.exe:*:Enabled:TV Online
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe" = C:\Documents and Settings\martina\Local Settings\Apps\2.0\VOL85ATY.JCN\V33AM0EM.DT8\tvon..tion_60cc721e402aeb26_0001.0002_c9ff8f75fb809c21\TV Online.exe:*:Enabled:TV Online
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer
"C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE" = C:\Documents and Settings\martina\Plocha\red-alert2-portable\red-alert2-portable\GAME.EXE:*:Enabled:Main executable for Red Alert 2 -- (Westwood Studios)
"I:\UnrealTournament\System\UnrealTournament.exe" = I:\UnrealTournament\System\UnrealTournament.exe:*:Enabled:UnrealTournament
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\AVG\AVG2014\avgnsx.exe" = C:\Program Files\AVG\AVG2014\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgdiagex.exe" = C:\Program Files\AVG\AVG2014\avgdiagex.exe:*:Enabled:AVG Diagnostics 2014 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2014\avgmfapx.exe" = C:\Program Files\AVG\AVG2014\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DF4D84-E652-4557-97CC-56FAE8622FE5}" = TV Online
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{19B72AA9-985A-11D4-9C8A-00D0B75D1498}" = Colin McRae Rally 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 27
"{27498953-A7BB-4F1E-8EFA-F50DBB067FC2}" = Scia Engineer 2008
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5783F2D7-6001-0405-0002-0060B0CE6BBA}" = AutoCAD 2008 - Český
"{5783F2D7-A001-0405-0002-0060B0CE6BBA}" = AutoCAD 2012 - Czech
"{5783F2D7-A001-0405-1002-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Czech
"{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F53A8DC-4857-4687-9740-F30129EE5FC0}_is1" = ShareRapid poker verze 1.8
"{7F947BFE-C2DF-4779-9909-5BEE746BD0C4}" = Microsoft .NET Framework 2.0 Language Pack - CSY
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{983980FC-66FB-4ECC-A5D8-4565BE217733}" = SCR3xxx Smart Card Reader
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAAB700A-DDB7-4298-AB4B-B6E9F785059C}" = Cisco AnyConnect Secure Mobility Client
"{AC76BA86-1033-C740-7760-100000000002}" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}" = Google Talk Plugin
"{C9811F26-3EF6-449A-9736-BB79A125D894}" = AVG 2014
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E62AFEB8-BF5A-4287-A19B-198BB17F6276}" = AVG 2014
"{ED8BA12A-AD99-4E61-9E4B-AB64957999AE}" = HP 3D DriveGuard
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11000CE-0010-0000-0000-074957833700}" = ABBYY FineReader 11 Corporate Edition
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"7-Zip" = 7-Zip 4.65
"Adobe Acrobat 7.0 Professional - Czech, Polish, Greek - V" = Adobe Acrobat 7.0 Professional - Czech, Polish, Greek
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AutoCAD 2008 - Český" = AutoCAD 2008 - Český
"AutoCAD 2012 - Czech" = AutoCAD 2012 - Czech
"AVG" = AVG 2014
"CADS Composite Beam Designer" = CADS Composite Beam Designer
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FreeCommander_is1" = FreeCommander 2009.02
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{27498953-A7BB-4F1E-8EFA-F50DBB067FC2}" = Scia Engineer 2008
"InstallShield_{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}" = Colin McRae Rally 04
"Kill Winamp_is1" = KillWinamp 1.61
"LMS" = C-Dilla Licence Management System
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 2.0 Language Pack - CSY" = Microsoft .NET Framework 2.0 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 31.0 (x86 cs)" = Mozilla Firefox 31.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Photoshop CS5 micro cz_is1" = Photoshop CS5 micro cz v12.0.1.0
"SafeQ" = SafeQ
"SteelMemberDesigner" = SteelMemberDesigner
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 9" = TeamViewer 9
"TV Online 1.6.1" = TV Online
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 2.1.2
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"Word Manager" = Word Manager
"XnView_is1" = XnView 2.00

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.8.2014 4:02:11 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_inx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:14 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_idx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:16 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_kox.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:18 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_msx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:21 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_rux.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:23 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_trx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:25 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_zhx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:27 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_ztx.cab.
Verify that the file exists and that you can access it.

Error - 7.8.2014 4:02:30 | Computer Name = MARTINA-NOTAS | Source = MsiInstaller | ID = 11311
Description = SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- Error
1311. SA_Error1311: StandardAction(0xC007051F): Source file not found(cabinet):
C:\Documents and Settings\All Users\Data aplikací\AVG2014\SetupBackup\lng_esx.cab.
Verify that the file exists and that you can access it.

Error - 21.8.2014 17:43:48 | Computer Name = MARTINA-NOTAS | Source = EventSystem | ID = 4614
Description = Systém událostí modelu COM+ zjistil nekonzistenci vnitřního stavu.
Výraz GetLastError() == 122L selhal na řádku 162 v d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp.
Obraťte se na služby odborné pomoci společnosti Microsoft a informujte je o této
chyb

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 23.8.2014 1:22:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: DeviceIDInfo::AppendBinaryRegistryKey File: .\Utility\DeviceID.cpp
Line:
165 Invoked Function: CRegKey::QueryBinaryValue Return Code: 2 (0x00000002) Description:
Systém nemůže nalézt uvedený soubor.

Error - 23.8.2014 1:22:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: XmlParser::invokeParser File: .\Xml\XmlParser.cpp Line: 182
Invoked
Function: ISAXXMLReader::parse Return Code: -2146697210 (0x800C0006) Description:
WINDOWS_ERROR_CODE

Error - 23.8.2014 1:22:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: CPhoneHomeAgent::LoadSettingsFromXmlFile File: ..\PhoneHomeAgent.cpp
Line:
608 Invoked Function: XmlParser::parseFile Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED

Error - 23.8.2014 1:22:25 | Computer Name = MARTINA-NOTAS | Source = acvpnui | ID = 67108866
Description = Function: XmlPrefMgr::endElement File: .\xml\XmlPrefMgr.cpp Line: 142
Invoked
Function: UserPreferences::endElement Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED Attempt to set undefined preference <DefaultDomain>.

Error - 23.8.2014 1:22:25 | Computer Name = MARTINA-NOTAS | Source = acvpnui | ID = 67108866
Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 332
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Žádná další
data nejsou k dispozici.

Error - 23.8.2014 1:22:25 | Computer Name = MARTINA-NOTAS | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1360 NULL object. Cannot establish a connection at this time.

Error - 23.8.2014 1:24:51 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


Error - 23.8.2014 1:27:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 23.8.2014 1:27:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 23.8.2014 1:27:10 | Computer Name = MARTINA-NOTAS | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL

[ OSession Events ]
Error - 27.11.2009 15:12:44 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 12481
seconds with 2700 seconds of active time. This session ended with a crash.

Error - 9.1.2010 14:41:05 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 34696
seconds with 540 seconds of active time. This session ended with a crash.

Error - 10.1.2010 15:33:23 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 7662
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 22.11.2011 13:10:56 | Computer Name = MARTINA-NOTAS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 112
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.8.2014 15:20:06 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 21.8.2014 15:21:28 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 21.8.2014 17:42:24 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 21.8.2014 17:43:47 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 21.8.2014 17:43:47 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7034
Description = Služba MBAMService byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 21.8.2014 17:46:09 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 21.8.2014 17:47:32 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 23.8.2014 1:23:24 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7000
Description = Služba adfs neuspěla při spuštění v důsledku následující chyby: %%2

Error - 23.8.2014 1:24:48 | Computer Name = MARTINA-NOTAS | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 23.8.2014 1:38:21 | Computer Name = MARTINA-NOTAS | Source = HBtnKey | ID = 327684
Description =


< End of report >

Dobrý den,
Nebojte, kolega na Vás nezapoměl, jen nemělpřístup k internetu.
Večer se na to podívám, nebo kolega ráno.

Napiste mi velikost adresare plochy (C:\Documents and Settings\martina\Plocha)




Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands) Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Márty84 píše: Napiste mi velikost adresare plochy

Plocha má v současnosti 12,5 GB ( 9,5 jsou 3-4 filmy co vydrží tři dny pak jdou přes shift+del pryč)


All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 37205 bytes

User: martina
->Temp folder emptied: 11739918 bytes
->Temporary Internet Files folder emptied: 7619071 bytes
->Java cache emptied: 16583165 bytes
->FireFox cache emptied: 28253093 bytes
->Google Chrome cache emptied: 458474567 bytes
->Flash cache emptied: 2745 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33977 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14615007 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 736189022 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1532 bytes

Total Files Cleaned = 1 215,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: martina
->Flash cache emptied: 0 bytes

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service gupdate1ca411a4416cfc2 stopped successfully!
Service gupdate1ca411a4416cfc2 deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-2077806209-839522115-1003UA.job moved successfully.
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\martina\Data aplikací\Malwarebytes folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes folder moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1844237615-2077806209-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{274EC60B-1BC8-4C25-82B4-24D03056D7C0}\ not found.
Folder C:\Documents and Settings\martina\Data aplikací\Malwarebytes\ not found.
Folder C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\ not found.
C:\Documents and Settings\martina\Plocha\mbam-setup-1.75.0.1300.exe moved successfully.
C:\Documents and Settings\martina\Dokumenty\$AP13.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP130.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP176.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP20.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP223.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP30.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP3B.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP40.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP41.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP42.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP681.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP682.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP884.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$AP8B.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APA2.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APAE.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APAF.tmp deleted successfully.
C:\Documents and Settings\martina\Dokumenty\$APB2.tmp deleted successfully.
C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar\cache folder moved successfully.
C:\Documents and Settings\NetworkService\Data aplikací\AVG SafeGuard toolbar folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP194.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1AD.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1F54.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP291.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP293.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D1.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5A8.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6A9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6CB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP819.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1.tmp folder deleted successfully.
C:\WINDOWS\Installer\MSI51.tmp deleted successfully.
C:\WINDOWS\Installer\MSI94.tmp deleted successfully.
C:\WINDOWS\Installer\MSI9E.tmp deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:8DD36B71 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:3D36932D deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Bonus.SSR.FR11 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 08292014_120540

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...