Prosim o kontrolu logu - online eset nasel 4 infikace

[jaro3]

uděláme to v OTL.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Reklama]

[Leelaa]

OTL Extras logfile created on: 21.3.2013 13:56:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 594,80 Mb Available Physical Memory | 58,12% Memory free
1,61 Gb Paging File | 1,20 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,49 Gb Total Space | 37,58 Gb Free Space | 25,66% Space Free | Partition Type: NTFS
Drive D: | 86,39 Gb Total Space | 7,32 Gb Free Space | 8,47% Space Free | Partition Type: NTFS

Computer Name: MISA | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007811BF-E310-4285-BFC6-55DB29B3EDDE}" = WinPatrol
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = Ovládací panel ATI
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{105CFC7C-6992-11D5-BD9D-000102C10FD8}" = Lizardtech DjVu Control
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{33A5CB3F-2F74-4632-949C-CF1390623FDC}_is1" = Cardhalia v1.5
"{342126E1-173C-4585-BFBE-3EBDD20E3E9E}" = Mobipocket Reader 6.2
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb" = Dungeon Keeper 2
"{51A128D8-3F9E-48D6-A916-4E28184A15EC}" = Grandia2
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{76A40BFF-4998-4562-8593-117EC74807EC}" = Etherlords II
"{77CEF490-8C06-437D-A91A-725765DFE6E0}" = Sengoku
"{7ADC2E95-377D-4816-A494-0EAF68A0949D}_is1" = Elven Legacy: Siege
"{80CEC063-FA23-4A99-92CB-DB3E92743406}_is1" = Elven Legacy: Magic
"{821DABD6-26F2-49E5-AE55-40A589ADBE6D}" = Emperor: Rise of the Middle Kingdom 1.0.1.0
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89175DF1-45F4-490C-B804-D6347D36D82E}" = ATI AVIVO Codecs
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics Driver
"{8F1A3107-FE6E-4FFA-B973-73BE1932FCEF}" = Emperor - RotMK Bonus Campaign
"{90120405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Standard
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{90437E5F-0A9E-4B63-AD8B-D232897D18BF}" = ATI Parental Control & Encoder
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.1
"{985F0C69-F2B9-4D74-8932-D78CAE01FFF8}" = ATI MCE Encoder
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}" = Intel(R) PROSet
"{A9B5B11A-ABFD-49E0-850E-690BE86C3A9E}_is1" = Type light 3.1.014
"{AC5F0006-B59B-EEB5-BAE2-02F53E6A484D}" = AMD Catalyst Install Manager
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D65A5E8E-1009-42F4-839F-109E1CD784D5}" = Document Express DjVu Plug-in
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic VX
"{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1" = Wise Care 365 version 2.25
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{EF581945-BBE9-11D5-A7FE-50275FC10000}" = Capitalism II
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"69083DC58646DE46A09847A522A1CC487F918039" = Balíček ovladače systému Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0)
"7-Zip" = 7-Zip 4.65
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Ancient Rome_is1" = Ancient Romes
"ATI Display Driver" = ATI Display Driver
"Automatické vypnutí počítače (AVP)_is1" = Automatické vypnutí počítače 1.0
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-07-30
"Death Rally" = Death Rally for Windows
"Discord Times_is1" = Discord Times
"DivX Setup" = DivX Setup
"Dungeon Keeper 2" = Dungeon Keeper 2
"Dungeon Keeper 2_is1" = Dungeon Keeper 2
"Enable S3 for USB Device" = Enable S3 for USB Device
"Eschalon Book II_is1" = Eschalon Book 2 1.01
"FastStone Image Viewer" = FastStone Image Viewer 4.6
"Final Fantasy VIIIv1.2" = Final Fantasy VIII
"Focus Photoeditor_is1" = Focus Photoeditor 5
"Free Create-Burn ISO Image_is1" = Free Create-Burn ISO Image v2.0
"Future Wars" = Future Wars
"GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}" = Dark Souls Prepare to Die Edition
"GOM Player" = GOM Player
"Grotesque-Tactics" = Grotesque-Tactics 1.0.0.4
"GSpot" = GSpot Codec Information Appliance
"Hurrican_is1" = Hurrican 1.0.0.1
"Chak`s Temple_is1" = Chak`s Temple v 1.3
"ie7" = Windows Internet Explorer 7
"Jagged Alliance 2 – Unfinished Business_is1" = Jagged Alliance 2 – Unfinished Business
"Knight Lore_is1" = Uninstall Knight Lore
"Laser Squad Nemesis" = Laser Squad Nemesis
"Legend of Grimrock_is1" = Legend of Grimrock
"Magic The Gathering - Duels of the Planeswalkers 2013_is1" = Magic The Gathering - Duels of the Planeswalkers 2013
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 18.0.2 (x86 cs)" = Mozilla Firefox 18.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"OpenAL" = OpenAL
"PakkISO_is1" = PakkISO 0.4
"PC Translator 2004 Komplet" = PC Translator 2004 Komplet
"PDF Creator" = PDF Creator (Remove Only)
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"Septerra Core" = Septerra Core
"Star Command Deluxe (DOSBox 0.74 emulation)" = Star Command Deluxe (DOSBox 0.74 emulation)
"Task Catcher" = Task Catcher
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"uTorrentControl Toolbar" = uTorrentControl Toolbar
"VP3 Codec for Video for Windows" = VP3 Codec for Video for Windows
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.66
"X-COM: Terror from the Deep (DosBox emulation)" = X-COM: Terror from the Deep (DosBox emulation)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Four Pillars & Feng Shui" = Four Pillars & Feng Shui
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.1.2013 3:59:04 | Computer Name = MISA | Source = ESENT | ID = 490
Description = svchost (1032) Pokus o otevření souboru C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 5.1.2013 3:59:04 | Computer Name = MISA | Source = ESENT | ID = 439
Description = Catalog Database (1032) Pro soubor C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
nelze zapsat stínové záhlaví. Chyba -1032

Error - 5.1.2013 3:59:04 | Computer Name = MISA | Source = ESENT | ID = 470
Description = Catalog Database (1032) Databáze C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
je částečně připojena. Fáze připojení: 1. Chyba: -1032

Error - 6.3.2013 7:56:57 | Computer Name = MISA | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ntdll.dll, verze 5.1.2600.6055, adresa chyby 0x000101b3.

Error - 6.3.2013 7:57:04 | Computer Name = MISA | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 12.3.2013 6:22:35 | Computer Name = MISA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

Error - 12.3.2013 15:29:18 | Computer Name = MISA | Source = Application Error | ID = 1000
Description = Chybující aplikace gom.exe, verze 2.1.47.5133, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00010a19.

Error - 12.3.2013 16:06:06 | Computer Name = MISA | Source = Application Error | ID = 1000
Description = Chybující aplikace gom.exe, verze 2.1.47.5133, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00010a19.

Error - 12.3.2013 16:21:52 | Computer Name = MISA | Source = Application Error | ID = 1000
Description = Chybující aplikace gom.exe, verze 2.1.47.5133, chybující modul ntdll.dll,
verze 5.1.2600.6055, adresa chyby 0x00010a19.

Error - 20.3.2013 9:42:47 | Computer Name = MISA | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

[ System Events ]
Error - 20.3.2013 9:28:32 | Computer Name = MISA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 20.3.2013 9:29:24 | Computer Name = MISA | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 20.3.2013 9:29:24 | Computer Name = MISA | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 20.3.2013 9:29:24 | Computer Name = MISA | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
Prostředí pro podporu sítě AFD, která neuspěla při spuštění v důsledku následující
chyby: %%31

Error - 20.3.2013 9:29:24 | Computer Name = MISA | Source = Service Control Manager | ID = 7001
Description = Služba Bonjour Service závisí na službě Ovladač protokolu TCP/IP,
která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 20.3.2013 9:29:24 | Computer Name = MISA | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 20.3.2013 9:29:24 | Computer Name = MISA | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD aswRdr aswSnx aswSP aswTdi Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd
Rdbss
sptd
Tcpip
WS2IFSL

Error - 20.3.2013 9:30:04 | Computer Name = MISA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby StiSvc
s argumenty za účelem spuštění serveru: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 20.3.2013 9:45:57 | Computer Name = MISA | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 21.3.2013 8:40:31 | Computer Name = MISA | Source = Windows Update Agent | ID = 16
Description = Připojení se nezdařilo: Připojení ke službě automatických aktualizací
nelze navázat. Stažení a instalaci aktualizací podle tohoto plánu nelze spustit.
Pokus o navázání spojení bude opakován.


< End of report >

[Leelaa]

OTL logfile created on: 21.3.2013 13:56:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\admin\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1023,48 Mb Total Physical Memory | 594,80 Mb Available Physical Memory | 58,12% Memory free
1,61 Gb Paging File | 1,20 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146,49 Gb Total Space | 37,58 Gb Free Space | 25,66% Space Free | Partition Type: NTFS
Drive D: | 86,39 Gb Total Space | 7,32 Gb Free Space | 8,47% Space Free | Partition Type: NTFS

Computer Name: MISA | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.03.21 08:32:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
PRC - [2013.03.11 11:58:37 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013.03.07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.11 13:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2011.11.11 13:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011.08.12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013.03.18 09:09:14 | 002,074,624 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13031800\algo.dll
MOD - [2013.03.12 12:36:00 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013.03.12 12:33:07 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
MOD - [2013.03.12 11:57:02 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll
MOD - [2013.03.12 11:53:13 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.03.12 11:53:04 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll
MOD - [2013.03.12 11:52:40 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013.03.12 11:14:36 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.03.12 11:13:19 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013.03.12 11:10:52 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.12.13 16:15:49 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_cs_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2011.12.13 16:15:43 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.11.11 13:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2011.11.11 13:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011.08.12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2011.08.12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011.08.12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011.08.12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011.08.12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011.08.12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010.06.29 09:31:12 | 000,652,800 | ---- | M] () -- C:\Program Files\IZArc\IZArcCM.dll
MOD - [2009.12.27 16:15:16 | 000,241,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3400.33172__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
MOD - [2009.12.27 16:15:16 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3400.33171__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
MOD - [2009.12.27 16:15:16 | 000,163,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3400.33170__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
MOD - [2009.12.27 16:15:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3400.33166__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
MOD - [2009.12.27 16:15:16 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3400.33170__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
MOD - [2009.12.27 16:15:16 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3400.33172__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
MOD - [2009.12.27 16:15:16 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3400.33171__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
MOD - [2009.12.27 16:15:16 | 000,012,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3400.33170__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
MOD - [2009.12.27 16:15:16 | 000,010,240 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3400.33171__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
MOD - [2009.12.27 16:15:16 | 000,010,240 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3400.33166__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
MOD - [2009.12.27 16:15:16 | 000,009,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3400.33171__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
MOD - [2009.12.27 16:15:15 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3400.33073__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.12.27 16:15:15 | 000,327,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3400.33052__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:15 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3400.33173__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
MOD - [2009.12.27 16:15:15 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3400.33074__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.12.27 16:15:15 | 000,147,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3400.33166__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
MOD - [2009.12.27 16:15:15 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3400.33068__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.12.27 16:15:15 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3400.33062__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:15 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3400.33165__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.12.27 16:15:15 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3400.33165__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.12.27 16:15:15 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3400.33168__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.12.27 16:15:15 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3400.33165__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.12.27 16:15:14 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3400.33152__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.12.27 16:15:14 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3400.33131__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:14 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3400.33061__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:14 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3400.33111__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:14 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3400.33100__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:13 | 000,348,160 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3400.33116__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:13 | 000,241,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Dashboard\2.0.3400.33083__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3400.33117__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.12.27 16:15:13 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3400.33074__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:13 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3400.33116__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:13 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3400.33153__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:13 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Runtime\2.0.3400.33084__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:13 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3400.33073__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:10 | 000,782,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3400.33103__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:10 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3400.33124__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.12.27 16:15:10 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3400.33075__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3400.33108__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:10 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3400.33102__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:10 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3400.33107__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:09 | 000,573,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3400.33075__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:09 | 000,409,600 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3400.33063__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:09 | 000,360,448 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3400.33096__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:09 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3400.33079__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:09 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3400.33109__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:08 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3400.33101__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:08 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009.12.27 16:15:08 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3400.33100__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:08 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3400.33101__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.12.27 16:15:07 | 000,008,192 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3400.33046__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.12.27 16:15:07 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.12.27 16:15:07 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3400.33042__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.12.27 16:15:07 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3400.33150__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.12.27 16:15:07 | 000,006,144 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3400.33047__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.12.27 16:15:07 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3400.33158__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.12.27 16:15:07 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3400.33051__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.12.27 16:15:07 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3400.33047__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.12.27 16:15:06 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3400.33041__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.12.27 16:15:06 | 000,015,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3400.33042__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.12.27 16:15:06 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3400.33045__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.12.27 16:15:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3400.33042__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.12.27 16:15:05 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.12.27 16:15:05 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3400.33146__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.12.27 16:15:05 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3400.33043__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.12.27 16:15:05 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3400.33044__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.12.27 16:15:05 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.12.27 16:15:05 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.12.27 16:15:05 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3400.33068__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.12.27 16:15:05 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3400.33043__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.12.27 16:15:05 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3400.33051__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.12.27 16:15:05 | 000,005,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3400.33046__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.12.27 16:15:04 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3400.33045__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.12.27 16:15:04 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3400.33115__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.12.27 16:15:04 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3400.33151__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.12.27 16:15:04 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.SmartGart.Graphics.Shared\2.0.3400.33083__90ba9c70f846762e\CLI.Aspect.SmartGart.Graphics.Shared.dll
MOD - [2009.12.27 16:15:04 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3400.33073__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.12.27 16:15:04 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3400.33061__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3400.33131__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3400.33101__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3400.33062__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3400.33062__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3400.33062__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3400.33107__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.12.27 16:15:03 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3400.33051__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.12.27 16:15:02 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3400.33100__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.12.27 16:15:02 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3400.33072__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.12.27 16:15:02 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3400.33111__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.12.27 16:15:02 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3400.33072__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.12.27 16:15:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3400.33043__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.12.27 16:15:02 | 000,006,144 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3400.33048__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.12.27 16:15:01 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3400.33146__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.12.27 16:15:01 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3400.33158__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.12.27 16:15:01 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3400.33044__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.12.27 16:15:01 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.12.27 16:15:01 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.12.27 16:15:01 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3400.33049__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.12.27 16:15:01 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3400.33047__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.12.27 16:15:00 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3400.33067__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.12.27 16:15:00 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3400.33144__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.12.27 16:15:00 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3400.33051__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.12.27 16:15:00 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3400.33049__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.12.27 16:15:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3400.33046__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.12.27 16:15:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3400.33046__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.12.27 16:15:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3400.33045__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.12.27 16:15:00 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3400.33067__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.12.27 16:14:59 | 000,010,240 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3400.33056__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.12.27 16:14:58 | 001,208,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3400.33057__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.12.27 16:14:58 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3400.33056__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.12.27 16:14:58 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.12.27 16:14:58 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3400.33146__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.12.27 16:14:58 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3400.33073__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.12.27 16:14:57 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3400.33049__90ba9c70f846762e\APM.Server.dll
MOD - [2009.12.27 16:14:57 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3400.33048__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.10.30 14:39:12 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.09.03 14:28:24 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.08.29 09:55:00 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.08.21 12:32:44 | 000,098,304 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll


========== Services (SafeList) ==========

SRV - [2013.03.15 10:59:56 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.11 11:58:37 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013.02.09 17:20:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Program Files\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2011.03.16 09:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.01.26 11:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2003.03.03 12:33:40 | 000,143,360 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\NCS\Sync\NetSvc.exe -- (NetSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ad68vn50)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0bpkc5t)
DRV - [2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.03.07 00:33:24 | 000,164,736 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.03.07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.03.07 00:33:24 | 000,049,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.01.18 07:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010.03.17 15:44:54 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.03.17 15:44:54 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.01.14 16:56:23 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.05.08 10:57:50 | 000,583,552 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2009.04.24 02:30:57 | 004,049,408 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.04.23 10:15:06 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.04.01 12:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.08.26 08:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 23:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 23:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2003.08.15 08:53:12 | 000,462,684 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2003.08.14 16:16:38 | 000,404,736 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.04.16 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2003.04.16 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002.07.17 07:53:02 | 000,016,877 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2001.08.17 19:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)

[Leelaa]

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&babsrc=SP_ss&mntrId=2433d9d7000000000000000475760db7
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60342
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3172963
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl Customized Web Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1483
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\admin\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.10 17:21:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.14 07:12:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.03.11 11:59:04 | 000,000,000 | ---D | M]

[2009.09.20 11:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Extensions
[2013.03.18 11:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions
[2013.02.17 22:43:55 | 000,000,000 | ---D | M] (uTorrentControl Community Toolbar) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\{e9df9360-97f8-4690-afe6-996c80790da4}
[2013.03.18 11:20:57 | 000,140,933 | ---- | M] () (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\firegestures@xuldev.org.xpi
[2012.12.18 20:26:58 | 000,241,907 | ---- | M] () (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\illimitux@illimitux.net.xpi
[2013.02.17 22:43:38 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.03.07 11:29:20 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\searchplugins\conduit.xml
[2013.02.09 17:20:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.09 17:20:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2013.03.10 17:21:22 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.03.14 07:12:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.02.04 22:02:56 | 001,642,496 | ---- | M] (LizardTech) -- C:\Program Files\mozilla firefox\plugins\npdjvu.dll
[2012.08.19 18:12:06 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010.02.25 08:40:10 | 000,000,955 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bingober2796171.gif
[2010.07.05 18:13:54 | 000,000,181 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bingober2796171.src
[2013.03.14 07:11:24 | 000,002,421 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.14 07:11:24 | 000,000,851 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.03.14 07:11:24 | 000,001,580 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.14 07:11:24 | 000,000,867 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.03.14 07:11:24 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: DjVu Plugin Viewer (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\plugins\npdjvu.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\admin\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Adblock Plus = C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\
CHR - Extension: AdBlock = C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Nyxium = C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ihbdengcekanghpajlhbafmlgpdgpmfb\1.0.3_0\

O1 HOSTS File: ([2013.03.20 14:47:42 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Documents and Settings\admin\Data aplikací\Media Finder\Extensions\gencrawler_gc.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Task Catcher] C:\Program Files\BillP Studios\Task Catcher\TaskTrap.exe (BillP Studios)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarsOnTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMovingBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCloseDragDropBands = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\webie.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.18 17:51:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.03.21 08:32:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
[2013.03.20 16:41:05 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.03.20 14:45:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.03.20 14:32:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.03.20 14:32:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.03.20 14:32:14 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.03.20 14:32:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.03.20 14:31:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.03.20 14:20:07 | 005,042,037 | R--- | C] (Swearware) -- C:\Documents and Settings\admin\Plocha\ComboFix.exe
[2013.03.20 13:36:16 | 001,413,120 | ---- | C] (Option^Explicit Software Solutions) -- C:\Documents and Settings\admin\Plocha\winsockfix.exe
[2013.03.17 19:52:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\admin\Recent
[2013.03.17 06:50:46 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2013.03.15 12:29:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Plocha\backups
[2013.03.15 10:13:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Data aplikací\Wise Registry Cleaner
[2013.03.15 10:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Data aplikací\Wise Care 365
[2013.03.15 10:01:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Wise Registry Cleaner
[2013.03.15 10:00:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Nabídka Start\Programy\Wise Care 365
[2013.03.15 10:00:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Wise Care 365
[2013.03.15 09:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2013.03.12 10:43:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2013.03.12 10:33:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2013.03.12 10:33:22 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.03.12 10:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.03.12 07:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\admin\Local Settings\Data aplikací\Sun
[2013.03.11 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.03.11 11:59:05 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.11 11:59:04 | 000,861,088 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.03.11 11:59:04 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.11 11:58:54 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.11 11:58:54 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.11 11:58:54 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.03.11 11:22:30 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2013.03.10 17:21:26 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys

========== Files - Modified Within 30 Days ==========

[2013.03.21 13:56:29 | 000,000,398 | ---- | M] () -- C:\WINDOWS\tasks\Wise Care 365.job
[2013.03.21 13:40:25 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.03.21 13:39:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.21 13:38:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.03.21 13:38:34 | 000,169,584 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013.03.21 08:32:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\admin\Plocha\OTL.exe
[2013.03.20 14:47:42 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.03.20 14:20:55 | 005,042,037 | R--- | M] (Swearware) -- C:\Documents and Settings\admin\Plocha\ComboFix.exe
[2013.03.20 13:36:21 | 001,413,120 | ---- | M] (Option^Explicit Software Solutions) -- C:\Documents and Settings\admin\Plocha\winsockfix.exe
[2013.03.20 13:08:35 | 000,001,917 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.03.20 12:29:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.03.19 08:14:06 | 006,733,824 | ---- | M] () -- C:\Documents and Settings\admin\ntuser.rhk
[2013.03.18 17:24:57 | 000,000,375 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013.03.18 16:57:16 | 000,002,511 | ---- | M] () -- C:\WINDOWS\WINCMD.INI
[2013.03.18 16:21:11 | 000,000,019 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.bak
[2013.03.17 22:47:51 | 000,000,030 | ---- | M] () -- C:\WINDOWS\avp.ini
[2013.03.17 22:30:16 | 000,815,616 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\RogueKiller.exe
[2013.03.17 19:58:42 | 001,232,760 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.03.17 19:53:41 | 000,005,386 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130317_195339.reg
[2013.03.15 10:59:55 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.15 10:59:55 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.15 09:59:05 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130315_095900.reg
[2013.03.12 11:51:52 | 000,027,354 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130312_115147.reg
[2013.03.12 11:11:17 | 000,481,662 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.03.12 11:11:16 | 000,476,862 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.03.12 11:11:16 | 000,092,270 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.03.12 11:11:16 | 000,079,736 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.03.11 11:58:40 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.03.11 11:58:34 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.03.11 11:58:34 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.03.11 11:58:33 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.03.11 11:58:32 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.03.11 11:58:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.03.11 11:58:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.03.11 07:23:58 | 000,006,430 | ---- | M] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130311_072354.reg
[2013.03.10 17:21:26 | 000,002,504 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.03.08 11:32:02 | 000,002,559 | ---- | M] () -- C:\Documents and Settings\admin\Plocha\Microsoft Word.lnk
[2013.03.07 00:33:24 | 000,765,736 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.03.07 00:33:24 | 000,368,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.03.07 00:33:24 | 000,164,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.07 00:33:24 | 000,062,376 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.03.07 00:33:24 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.03.07 00:33:24 | 000,049,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.03.07 00:33:23 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.03.07 00:33:22 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.03.07 00:32:42 | 000,228,600 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.02.24 18:15:56 | 000,019,989 | ---- | M] () -- C:\TREEINFO.WC
[2013.02.23 17:55:36 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.02.21 10:58:16 | 000,067,072 | ---- | M] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2013.03.20 14:32:14 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.03.20 14:32:14 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.03.20 14:32:14 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.03.20 14:32:14 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.03.20 14:32:14 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.03.20 13:07:04 | 000,001,917 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.03.19 08:14:01 | 006,733,824 | ---- | C] () -- C:\Documents and Settings\admin\ntuser.rhk
[2013.03.17 22:30:15 | 000,815,616 | ---- | C] () -- C:\Documents and Settings\admin\Plocha\RogueKiller.exe
[2013.03.17 19:53:40 | 000,005,386 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130317_195339.reg
[2013.03.15 12:20:02 | 000,000,398 | ---- | C] () -- C:\WINDOWS\tasks\Wise Care 365.job
[2013.03.15 09:59:03 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130315_095900.reg
[2013.03.12 11:51:49 | 000,027,354 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130312_115147.reg
[2013.03.11 07:23:56 | 000,006,430 | ---- | C] () -- C:\Documents and Settings\admin\Dokumenty\cc_20130311_072354.reg
[2013.03.10 17:21:28 | 000,164,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.10 17:21:28 | 000,049,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2012.08.18 15:19:07 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\ucadnhxe.dll
[2012.05.17 12:58:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CAPTIVA.DAT
[2012.02.15 14:33:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.02 15:44:45 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011.11.13 14:34:34 | 000,000,834 | ---- | C] () -- C:\Documents and Settings\admin\.recently-used.xbel
[2011.11.10 23:37:02 | 000,437,986 | ---- | C] () -- C:\WINDOWS\System32\prfh0405.dat
[2011.11.10 23:37:02 | 000,082,800 | ---- | C] () -- C:\WINDOWS\System32\prfc0405.dat
[2011.11.10 18:41:05 | 000,000,693 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Zástupce - AVG2012.lnk
[2011.10.08 22:22:06 | 000,002,690 | ---- | C] () -- C:\WINDOWS\wdict32.INI
[2011.09.05 13:07:05 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011.09.05 12:56:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2011.08.12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011.07.28 16:49:12 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.07.26 07:48:54 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011.07.05 21:10:25 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2011.06.29 21:00:17 | 000,002,554 | ---- | C] () -- C:\WINDOWS\WAVEMIX.INI
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011.02.26 10:31:09 | 000,002,047 | ---- | C] () -- C:\Documents and Settings\admin\.recently-used.old
[2009.09.22 13:02:58 | 000,067,072 | ---- | C] () -- C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.09.18 07:17:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2010.06.24 13:12:34 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 07:52:06 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011.06.12 16:43:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\.BitTornado
[2011.11.06 09:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\AVG
[2010.06.14 10:55:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Basilisk Games
[2011.09.17 07:53:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Beij
[2012.01.11 14:00:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Braid
[2010.07.26 21:48:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\COWON
[2013.03.11 07:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\DAEMON Tools Lite
[2012.11.04 18:33:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Dropbox
[2010.11.16 13:56:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\fltk.org
[2011.03.21 17:34:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\fotw
[2012.12.16 21:33:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\FVD3
[2010.04.12 21:05:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Gamelab
[2011.11.13 13:08:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\gtk-2.0
[2012.05.21 09:28:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\ICQ
[2010.07.27 08:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\IObit
[2011.09.17 07:47:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Kucae
[2011.11.06 20:01:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Ladia Group
[2011.11.26 15:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Leadertech
[2012.09.14 10:37:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Media Finder
[2012.02.02 15:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\MinMaxGames
[2011.07.06 22:53:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Mobipocket
[2010.06.15 21:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Nokia
[2010.07.05 18:31:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Oberon Janes ZOO
[2010.07.26 20:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Ontrack
[2011.05.17 17:13:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\OpenOffice.org
[2011.01.06 19:46:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Opera
[2011.03.09 16:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Oyaji Games
[2009.11.29 20:56:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\PC Suite
[2010.12.01 12:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\PlayFirst
[2012.05.29 14:03:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Red Alert 3
[2011.10.17 08:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\runic games
[2011.11.10 08:44:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\TeamViewer
[2011.08.08 15:18:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\TheAsskickers
[2010.11.26 18:15:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Total Eclipse
[2012.06.01 11:57:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Ubisoft
[2012.02.17 09:08:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Unity
[2012.02.21 09:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\uqm
[2013.03.17 19:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\uTorrent
[2011.10.08 16:34:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\VC 2 Paradise Resort
[2010.10.22 19:17:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
[2011.11.12 14:08:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\WinPatrol
[2013.03.21 13:39:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Wise Care 365
[2013.03.15 10:16:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\Wise Registry Cleaner
[2012.08.19 18:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\admin\Data aplikací\YourFileDownloader
[2011.11.10 19:02:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
[2011.11.09 16:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Big Fish Games
[2011.07.04 11:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\BioWare
[2011.01.11 23:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2010.01.14 16:56:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.06.26 18:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileServe Limited
[2011.05.27 07:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.04.06 21:55:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IMSIDesign
[2009.11.29 19:57:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2011.11.12 14:08:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2011.11.10 18:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2010.06.15 15:56:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\OviInstallerCache
[2009.11.29 20:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2010.12.01 12:22:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PlayFirst
[2010.06.25 08:32:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PopCap Games
[2012.05.12 14:29:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\RELOADED
[2012.10.25 14:09:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Stardock
[2012.05.14 23:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SuperOvladac
[2010.03.17 15:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Tages
[2012.04.06 21:43:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2010.06.30 19:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WildTangent
[2009.10.11 20:36:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\{755AC846-7372-4AC8-8550-C52491DAA8BD}

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ad68vn50)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a0bpkc5t)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=112555&babsrc=SP_ss&mntrId=2433d9d7000000000000000475760db7
IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatche ... tp=bs&qkw={searchTerms}&tbid=60342
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3172963
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl Customized Web Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
[2009.09.20 11:59:47 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Extensions
[2013.03.18 11:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions
[2013.02.17 22:43:55 | 000,000,000 | ---D | M] (uTorrentControl Community Toolbar) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\{e9df9360-97f8-4690-afe6-996c80790da4}
[2013.03.18 11:20:57 | 000,140,933 | ---- | M] () (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\firegestures@xuldev.org.xpi
[2012.12.18 20:26:58 | 000,241,907 | ---- | M] () (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\illimitux@illimitux.net.xpi
[2013.02.17 22:43:38 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.03.07 11:29:20 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\e7r6i5in.default\searchplugins\conduit.xml
[2013.02.09 17:20:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.09 17:20:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.08.19 18:12:06 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2010.02.25 08:40:10 | 000,000,955 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bingober2796171.gif
[2010.07.05 18:13:54 | 000,000,181 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bingober2796171.src
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
[2013.03.12 11:11:17 | 000,481,662 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.03.12 11:11:16 | 000,476,862 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.03.12 11:11:16 | 000,092,270 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.03.12 11:11:16 | 000,079,736 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.11.10 23:37:02 | 000,437,986 | ---- | C] () -- C:\WINDOWS\System32\prfh0405.dat
[2011.11.10 23:37:02 | 000,082,800 | ---- | C] () -- C:\WINDOWS\System32\prfc0405.dat
@Alternate Data Stream - 167 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:0B4227B4

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\SWREG.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\SWXCACLS.exe
C:\Qoobox
C:\Documents and Settings\admin\Plocha\ComboFix.exe
C:\WINDOWS\imsins.BAK
C:\WINDOWS\System32\drivers\etc\hosts.ics
C:\WINDOWS\System32\drivers\etc\hosts.bak
C:\Documents and Settings\admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\PEV.exe
C:\WINDOWS\MBR.exe
C:\WINDOWS\sed.exe
C:\WINDOWS\grep.exe
C:\WINDOWS\zip.exe
C:\Documents and Settings\All Users\Data aplikací\Zástupce - AVG2012.lnk
C:\Documents and Settings\admin\Data aplikací\AVG
ipconfig /flushdns /c

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

C:\Documents and Settings\admin\Data aplikací\Kucae--ten program znáš?

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.


Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.