Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-06-2016 01
Ran by doma (administrator) on DOMA-95E00D2E76 (13-06-2016 19:07:06)
Running from C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
Loaded Profiles: doma (Available Profiles: doma)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cistray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16857600 2008-02-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-05-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1491128 2016-04-29] (COMODO)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5282584 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Gadwin PrintScreen (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe [11507872 2014-10-15] (Gadwin Systems)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\MountPoints2: {43b3539a-1857-11e4-98da-0021853469aa} - F:\Autorun.exe
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\MountPoints2: {fd1105a8-0211-11e4-b219-0021853469aa} - G:\Autorun.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.2
Tcpip\..\Interfaces\{2BCDDDF1-31C2-4EA4-948D-E4F7B60644B1}: [DhcpNameServer] 192.168.1.2
Internet Explorer:
==================
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://
www.seznam.cz/?clid=22668
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> 0F797EB4A49660AD252EB537C7E74195 URL = hxxp://
www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> 286F752FD6CD468E5CCBB6B943AC0976 URL = hxxp://
www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> EA1E71FEE399B7BB3147D1FEC001E6DC URL = hxxp://
www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> EA3D442948A771916E62AD5955860694 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://
www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {szukaj.gazeta.pl} URL = hxxp://szukaj.gazeta.pl/internet/0,0.html?slowo={searchTerms}
Toolbar: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2014-02-25] (Společnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\k1h5ywk9.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2014-01-29] (Alawar)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4561000 2016-04-29] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [1670840 2016-04-29] (COMODO)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-12-13] (DEVGURU Co., LTD.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [17288 2016-04-27] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [641728 2016-04-27] (COMODO)
R1 cmdHlp; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [31704 2016-04-27] (COMODO)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-07-31] (Disc Soft Ltd)
S3 HPFXBULKLEDM; C:\WINDOWS\System32\drivers\hppcbulkio.sys [20504 2011-05-10] (Hewlett Packard)
R0 Inspect; C:\WINDOWS\System32\DRIVERS\inspect.sys [107688 2016-04-27] (COMODO)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-07-31] (Duplex Secure Ltd.)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-13 19:06 - 2016-06-13 19:06 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
2016-06-12 22:49 - 2016-06-12 22:49 - 03677248 _____ C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_5.119.exe
2016-06-12 21:58 - 2016-06-12 21:58 - 00010451 _____ C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Addition.rar
2016-06-12 21:57 - 2016-06-13 19:07 - 00011711 _____ C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.txt
2016-06-12 21:56 - 2016-06-12 21:56 - 01735680 _____ (Farbar) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.exe
2016-06-07 00:33 - 2016-06-07 00:33 - 00008783 _____ C:\Program1.RPT
2016-05-29 22:03 - 2016-05-29 22:03 - 00001672 _____ C:\Documents and Settings\All Users.WINDOWS\Plocha\Gothic.lnk
2016-05-29 22:01 - 2016-05-29 22:01 - 00000000 ____D C:\Program Files\GOG.com
2016-05-23 22:56 - 2016-05-23 22:56 - 00004096 _____ C:\WINDOWS\d3dx.dat
2016-05-17 03:06 - 2016-05-17 03:45 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\dvdcss
2016-05-16 01:38 - 2016-05-16 01:38 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Nitreal Games
2016-05-15 19:25 - 2016-05-15 19:25 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Teyon
2016-05-15 16:55 - 2016-05-15 16:55 - 00398621 _____ C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\tabulka-hodnoceni-ustni-mat-zkousky-z-cj-velikost-a3.pdf
2016-05-14 19:11 - 2016-05-14 19:11 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Brave Giant
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-13 19:07 - 2015-09-07 20:10 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp
2016-06-13 19:07 - 2015-09-06 20:38 - 00000000 ____D C:\FRST
2016-06-13 19:07 - 2014-06-29 11:41 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
2016-06-13 19:06 - 2014-06-29 11:41 - 00000000 ___HD C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací
2016-06-13 19:05 - 2015-03-28 19:07 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
2016-06-13 19:05 - 2015-03-28 19:07 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job
2016-06-13 19:05 - 2015-03-28 19:07 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job
2016-06-13 19:05 - 2015-03-28 19:07 - 00000440 _____ C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job
2016-06-13 19:05 - 2014-06-29 12:16 - 00033294 _____ C:\WINDOWS\system32\nvAppTimestamps
2016-06-13 19:03 - 2015-09-16 12:41 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-13 19:03 - 2015-03-28 19:06 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-06-13 18:40 - 2012-03-21 15:46 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Skype
2016-06-13 18:26 - 2015-04-04 16:48 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-13 14:44 - 2014-06-29 13:21 - 01188012 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-13 14:44 - 2008-04-14 14:00 - 00491906 ____C C:\WINDOWS\system32\perfh005.dat
2016-06-13 14:44 - 2008-04-14 14:00 - 00098404 ____C C:\WINDOWS\system32\perfc005.dat
2016-06-13 14:39 - 2015-09-16 12:41 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-13 14:39 - 2014-06-29 11:40 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-13 03:02 - 2014-06-29 11:41 - 00000178 ___SH C:\Documents and Settings\doma.DOMA-95E00D2E76\ntuser.ini
2016-06-13 03:02 - 2014-06-29 11:40 - 00032374 _____ C:\WINDOWS\SchedLgU.Txt
2016-06-12 22:52 - 2015-04-14 22:47 - 00000000 ____D C:\AdwCleaner
2016-06-12 19:00 - 2008-04-14 14:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2016-06-12 00:37 - 2012-03-22 08:21 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\vlc
2016-06-11 22:20 - 2014-06-29 11:41 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76
2016-06-07 22:37 - 2012-03-22 20:42 - 00151040 _____ C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-06 23:43 - 2012-05-17 20:42 - 00002563 _____ C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Microsoft Office Word 2007.lnk
2016-06-04 19:27 - 2016-01-07 18:54 - 00000000 ___RD C:\Program Files\Skype
2016-06-04 19:27 - 2014-06-29 13:36 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype
2016-06-04 19:27 - 2014-06-29 13:36 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Skype
2016-06-01 10:03 - 2015-05-30 01:08 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-31 23:50 - 2016-05-06 00:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-31 23:27 - 2012-03-22 20:54 - 00000000 ____D C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\DAEMON Tools Lite
2016-05-29 22:03 - 2015-05-14 00:43 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GOG.com
2016-05-29 22:03 - 2015-05-14 00:43 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GOG.com
2016-05-29 22:03 - 2014-06-29 13:21 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Plocha
2016-05-29 21:24 - 2014-06-29 13:21 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2016-05-29 21:24 - 2014-06-29 13:21 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2016-05-20 02:40 - 2014-06-29 11:41 - 00000000 ___RD C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy
2016-05-17 03:06 - 2014-06-29 11:41 - 00000000 __RHD C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací
2016-05-16 23:50 - 2014-12-12 00:21 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
2016-05-16 23:50 - 2014-12-12 00:21 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
2016-05-16 23:50 - 2014-06-29 13:21 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Dokumenty
==================== Files in the root of some directories =======
2012-04-22 02:07 - 2012-11-04 22:39 - 0000000 ____C () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\bitlord_log.txt
2005-09-16 16:43 - 2012-03-23 21:07 - 0000830 ___HC () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\domalog.dat
2014-02-23 00:45 - 2014-02-23 03:52 - 3339800 ____C () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\log.sflog
2014-08-13 10:54 - 2014-08-13 10:54 - 0752128 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\AlawarHelper.exe
2012-03-22 20:42 - 2016-06-07 22:37 - 0151040 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-13 21:43 - 2014-02-07 00:16 - 0001032 ____C () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\SRDownloader.nast
Some files in TEMP:
====================
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\libeay32.dll
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\msvcr120.dll
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows) (Fixed) (Total:50.47 GB) (Free:25.16 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive d: (DATA) (Fixed) (Total:415.28 GB) (Free:22.41 GB) NTFS
Drive f: (Gothic II) (CDROM) (Total:2.17 GB) (Free:0 GB) CDFS
Available physical RAM: 679.68 MB
Total physical RAM: 2047.23 MB
Percentage of memory in use: 66%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: D44AD44A)
Partition 1: (Active) - (Size=50.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=415.3 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\WINDOWS\system32\advpack.dll.mui:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\certsentry.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\corpol.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DCompiler_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dcsx_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx10_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx11_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_24.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_25.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_26.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_27.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_28.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_29.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_30.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_31.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_33.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_34.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_35.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3dx9_36.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_37.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_38.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_40.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_41.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_42.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\D3DX9_43.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FlashPlayerApp.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\icardie.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\idndl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ie4uinit.exe.mui:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieapfltr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iedkcs32.dll.mui:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieframe.dll.mui:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieudinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\licmgr10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdbg2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msfeedssync.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshta.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshta.exe.mui:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msrating.dll.mui:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstime.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nlsdl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\normaliz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spupdsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinFXDocObj.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\x3daudio1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\X3DAudio1_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_4.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine2_9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xactengine3_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_3.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAPOFX1_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XAudio2_7.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput1_3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xinput9_1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\xmllite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\aclayers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\acspecfc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\corpol.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\dhtmled.ocx:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\dxtrans.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\ie4uinit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\iedkcs32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\iexplore.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\inetcpl.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\jscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\jsproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\licmgr10.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\moviemk.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\msadce.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\msadco.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\msadomd.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\mshta.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\mshtml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\mshtmled.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\msjro.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\mstime.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\npdrmv2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\npdsplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\npwmsdrm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\ntevt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\occache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\provthrd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\sqmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\stdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\triedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\unsecapp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\url.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\urlmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\vgx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\wab.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\wbemdisp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dllcache\wininet.dll:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_5.119.exe:$CmdTcID [130]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_5.119.exe:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.exe:$CmdTcID [64]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.exe:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe:$CmdTcID [130]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe:$CmdZnID [26]
AlternateDataStreams: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\tabulka-hodnoceni-ustni-mat-zkousky-z-cj-velikost-a3.pdf:$CmdZnID [26]
==================== Security Center ==================
AV: COMODO Antivirus (Disabled - Up to date) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha" je 1358 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe"="C:\\Program Files\\NVIDIA Corporation\\NetService\\NvNetworkService.exe:*:Enabled:NVIDIA Network Service TCP Exception (HTTPS)"
"C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2014\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\uTorrent.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\uTorrent.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_32126.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_32126.exe:*:Enabled:uTorrent"
"C:\\Program Files\\Sibelius Software\\Sibelius 6\\RegTool.exe"="C:\\Program Files\\Sibelius Software\\Sibelius 6\\RegTool.exe:*:Enabled:RegTool.exe"
"C:\\Program Files\\Sibelius Software\\Sibelius 6\\Sibelius.exe"="C:\\Program Files\\Sibelius Software\\Sibelius 6\\Sibelius.exe:*:Enabled:Sibelius.exe"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\ICQM\\icq.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\ICQM\\icq.exe:*:Enabled:ICQ"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_33497.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_33497.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_33870.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_33870.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_34024.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_34024.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_34309.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_34309.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_34944.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_34944.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_35702.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_35702.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_37754.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_37754.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_38913.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.2_38913.exe:*:Enabled:uTorrent"
"C:\\Program Files\\AVG\\AVG2015\\avgmfapx.exe"="C:\\Program Files\\AVG\\AVG2015\\avgmfapx.exe:*:Enabled:Instaltor AVG"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.3_40097.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.3_40097.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.3_40298.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Data aplikac\\uTorrent\\updates\\3.4.3_40298.exe:*:Enabled:uTorrent"
"C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Local Settings\\Temp\\torjan.exe"="C:\\Documents and Settings\\doma.DOMA-95E00D2E76\\Local Settings\\Temp\\torjan.exe:*:Enabled:torjan.exe"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox (C:\\Program Files\\Mozilla Firefox)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
==================== End Of Log ==============================
