rosím o kontrolu logu, nefunkční Mozilla

[annajet]

Dobrý večer, poprosila bych o kontrolu logu maminčina PC. Mozilla nelze vůbec spustit, pouze Internet explorer a ten se načítá též velmi pomalu. Mysleli jsme, že je chyba v připojení na modemu, ale můj ntb na wifi pracuje naprosto normalně. Koukala jsem navíc do Správce úloh a a zarazilo mě, že tam běží některé procesy duplikátně,plus je u nich připsaná *32 např. iexplorer.exe *32, můžu se optat. co to znamená? Předem děkuji!

Logfile of random's system information tool 1.09 (written by random/random)
Run by Doma at 2013-03-07 21:24:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 188 GB (62%) free of 305 GB
Total RAM: 3959 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:56, on 7.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\trend micro\Doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 6F65A8C59A}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10397 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
taskeng.exe {00B5B4D4-5C93-4703-A7D3-079D0E9ED818}
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart B110 series#1349600517" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-666089336-1901793721-1404377891-100012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-666089336-1901793721-1404377891-100012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 600 604 612 65536 608
"C:\Users\Doma\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\extensions\
toolbar@ask.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\
askcom.xml
askcomsearch.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 906408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-02-08 1520776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 906408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-07-04 1310040]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-02-08 1520776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-08-30 1127592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe [2009-07-18 257440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-28 4767304]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2012-08-29 73392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
"Sweetpacks Communicator"=C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
""= []
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-02-02 1718920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-07 21:24:37 ----D---- C:\Program Files\trend micro
2013-03-07 21:24:32 ----D---- C:\rsit
2013-03-04 22:36:21 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-04 22:36:20 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-02-27 03:00:40 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 03:00:40 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 03:00:40 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 03:00:40 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 03:00:36 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 03:00:36 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 03:00:33 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 03:00:33 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 03:00:33 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 03:00:33 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 03:00:33 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 03:00:31 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 03:00:31 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 03:00:31 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 03:00:31 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 03:00:31 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 03:00:31 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 03:00:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 03:00:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 03:00:30 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 03:00:30 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 03:00:30 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 03:00:30 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 03:00:29 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 03:00:29 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 03:00:28 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-02-24 18:25:34 ----D---- C:\Users\Doma\AppData\Roaming\LegacyGames
2013-02-20 21:44:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-15 03:01:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-15 03:01:38 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-15 03:01:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-15 03:01:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-15 03:01:36 ----A---- C:\Windows\system32\ieui.dll
2013-02-15 03:01:35 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-15 03:01:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-15 03:01:35 ----A---- C:\Windows\system32\url.dll
2013-02-15 03:01:35 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-15 03:01:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-15 03:01:34 ----A---- C:\Windows\system32\urlmon.dll
2013-02-15 03:01:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-15 03:01:33 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-15 03:01:33 ----A---- C:\Windows\system32\jscript9.dll
2013-02-15 03:01:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-15 03:01:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-15 03:01:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-15 03:01:31 ----A---- C:\Windows\system32\wininet.dll
2013-02-15 03:01:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-15 03:01:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-15 03:01:30 ----A---- C:\Windows\system32\vbscript.dll
2013-02-15 03:01:30 ----A---- C:\Windows\system32\jscript.dll
2013-02-15 03:01:30 ----A---- C:\Windows\system32\iertutil.dll
2013-02-15 03:01:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-15 03:01:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-15 03:01:25 ----A---- C:\Windows\system32\mshtml.dll
2013-02-15 03:01:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-15 03:01:24 ----A---- C:\Windows\system32\ieframe.dll
2013-02-14 19:22:59 ----D---- C:\Users\Doma\AppData\Roaming\Systweak
2013-02-14 19:22:56 ----A---- C:\Windows\system32\roboot64.exe
2013-02-14 19:22:24 ----D---- C:\Program Files (x86)\PANDORA.TV
2013-02-14 11:45:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-14 11:45:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-14 11:45:17 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-14 11:45:11 ----A---- C:\Windows\system32\win32k.sys
2013-02-14 11:45:08 ----A---- C:\Windows\system32\winsrv.dll
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-14 11:45:06 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-14 11:45:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-14 11:45:02 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-09 21:03:01 ----D---- C:\Program Files (x86)\Ask.com
2013-02-08 23:44:23 ----D---- C:\Users\Doma\AppData\Roaming\Melesta
2013-02-08 23:43:53 ----D---- C:\Program Files (x86)\Games

======List of files/folders modified in the last 1 month======

2013-03-07 21:24:50 ----D---- C:\Windows\Prefetch
2013-03-07 21:24:42 ----D---- C:\Windows\Temp
2013-03-07 21:24:37 ----RD---- C:\Program Files
2013-03-07 21:06:53 ----D---- C:\Users\Doma\AppData\Roaming\uTorrent
2013-03-07 20:29:52 ----D---- C:\Windows\inf
2013-03-07 20:29:51 ----D---- C:\Windows
2013-03-07 19:27:35 ----D---- C:\Windows\system32\config
2013-03-06 23:37:13 ----HD---- C:\Config.Msi
2013-03-06 23:30:32 ----SHD---- C:\Windows\Installer
2013-03-06 23:30:20 ----D---- C:\Windows\SysWOW64
2013-03-06 23:19:11 ----SHD---- C:\System Volume Information
2013-03-06 23:16:36 ----D---- C:\ProgramData\AlawarWrapper
2013-03-04 22:36:22 ----D---- C:\Windows\system32\Tasks
2013-03-04 22:36:21 ----D---- C:\Windows\system32\drivers
2013-02-28 09:35:43 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-28 00:47:52 ----D---- C:\Windows\rescache
2013-02-27 03:19:20 ----D---- C:\Windows\winsxs
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\en-US
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-02-27 03:17:28 ----D---- C:\Windows\system32\pt-BR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\zh-TW
2013-02-27 03:17:27 ----D---- C:\Windows\system32\zh-HK
2013-02-27 03:17:27 ----D---- C:\Windows\system32\tr-TR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\sv-SE
2013-02-27 03:17:27 ----D---- C:\Windows\system32\pt-PT
2013-02-27 03:17:27 ----D---- C:\Windows\system32\pl-PL
2013-02-27 03:17:27 ----D---- C:\Windows\system32\nl-NL
2013-02-27 03:17:27 ----D---- C:\Windows\system32\ko-KR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\it-IT
2013-02-27 03:17:27 ----D---- C:\Windows\system32\hu-HU
2013-02-27 03:17:27 ----D---- C:\Windows\system32\fr-FR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\fi-FI
2013-02-27 03:17:27 ----D---- C:\Windows\system32\es-ES
2013-02-27 03:17:27 ----D---- C:\Windows\system32\el-GR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\de-DE
2013-02-27 03:17:27 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 03:17:26 ----D---- C:\Windows\system32\zh-CN
2013-02-27 03:17:26 ----D---- C:\Windows\system32\ru-RU
2013-02-27 03:17:26 ----D---- C:\Windows\system32\nb-NO
2013-02-27 03:17:26 ----D---- C:\Windows\system32\ja-JP
2013-02-27 03:17:26 ----D---- C:\Windows\system32\en-US
2013-02-27 03:17:26 ----D---- C:\Windows\system32\da-DK
2013-02-27 03:17:26 ----D---- C:\Windows\System32
2013-02-27 03:01:52 ----D---- C:\Windows\system32\catroot2
2013-02-27 03:01:52 ----D---- C:\Windows\system32\catroot
2013-02-26 23:05:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-24 13:11:24 ----D---- C:\Program Files (x86)\Alawarhry.cz
2013-02-24 12:37:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-22 22:37:54 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-02-22 22:37:54 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-02-21 15:56:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-20 21:57:46 ----RD---- C:\Program Files (x86)
2013-02-19 16:07:18 ----D---- C:\Windows\Tasks
2013-02-17 12:47:15 ----D---- C:\Windows\debug
2013-02-15 03:36:58 ----D---- C:\Windows\Microsoft.NET
2013-02-15 03:36:32 ----RSD---- C:\Windows\assembly
2013-02-15 03:26:42 ----D---- C:\Windows\SYSWOW64\migration
2013-02-15 03:26:42 ----D---- C:\Windows\AppPatch
2013-02-15 03:26:42 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-15 03:26:41 ----D---- C:\Windows\system32\migration
2013-02-15 03:26:41 ----D---- C:\Program Files\Internet Explorer
2013-02-15 03:10:47 ----D---- C:\ProgramData\Microsoft Help
2013-02-15 03:08:16 ----A---- C:\Windows\system32\MRT.exe
2013-02-10 00:21:05 ----D---- C:\Users\Doma\AppData\Roaming\Friday's games

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 65408]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 177672]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-02-28 71064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 1025880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 377992]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 68992]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 33472]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-08-30 33712]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-02-28 45248]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-08-30 827560]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2012-08-29 2445880]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-26 251248]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-04 1255736]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Search a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[annajet]

Dobrý den, log z AdwCleaneru zde:

# AdwCleaner v2.114 - Logfile created 03/08/2013 at 08:31:37
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Doma - DOMA-PC
# Boot Mode : Normal
# Running from : C:\Users\Doma\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\Askcom.xml
File Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\askcomsearch.xml
File Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\SweetIM
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\Users\Doma\AppData\Local\APN
Folder Found : C:\Users\Doma\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Doma\AppData\LocalLow\SweetIM
Folder Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\extensions\toolbar@ask.com
Folder Found : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\SweetPacksToolbarData
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Folder Found : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registry] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\Software\PIP
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKU\S-1-5-21-666089336-1901793721-1404377891-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={FC359945-43B2-11E2-8462-1C6F65A8C59A}

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\prefs.js

Found : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={FC359945-43B2-11E2-8462-1C6F[...]
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Found : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Found : user_pref("extensions.asktb.cbid", "^U3");
Found : user_pref("extensions.asktb.config-updated", true);
Found : user_pref("extensions.asktb.crumb", "2013.02.09+12.03.55-toolbar014iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Found : user_pref("extensions.asktb.displaybehavior", "");
Found : user_pref("extensions.asktb.displaytext", "");
Found : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Found : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Found : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.sweetim.com/search.asp?src=2&ba[...]
Found : user_pref("extensions.asktb.ff19-config-first-run", "true");
Found : user_pref("extensions.asktb.first-restart-after-config-update", true);
Found : user_pref("extensions.asktb.fresh-install", false);
Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Found : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Found : user_pref("extensions.asktb.l", "dis");
Found : user_pref("extensions.asktb.last-config-req", "1362697289648");
Found : user_pref("extensions.asktb.locale", "en_EU");
Found : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Found : user_pref("extensions.asktb.lstation", "");
Found : user_pref("extensions.asktb.new-tab-opt-out", true);
Found : user_pref("extensions.asktb.news-native-on", true);
Found : user_pref("extensions.asktb.o", "100000027");
Found : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Found : user_pref("extensions.asktb.pstate", "");
Found : user_pref("extensions.asktb.qsrc", "2871");
Found : user_pref("extensions.asktb.r", "19");
Found : user_pref("extensions.asktb.search-suggestions-enabled", true);
Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Found : user_pref("extensions.asktb.socialmini-first", true);
Found : user_pref("extensions.asktb.socialmini-interval", "1200000");
Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Found : user_pref("extensions.asktb.socialmini-max-items", "30");
Found : user_pref("extensions.asktb.socialmini-native-on", true);
Found : user_pref("extensions.asktb.socialmini-speed", "10000");
Found : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Found : user_pref("extensions.asktb.to", "");
Found : user_pref("extensions.asktb.v", "3.15.15.100013");
Found : user_pref("extensions.asktb.volume", "");
Found : user_pref("extensions.enabledAddons", "%7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0,%7Bea61440[...]
Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1362682584772");
Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10002");
Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.newtab.created", "true");
Found : user_pref("sweetim.toolbar.newtab.enable", "true");
Found : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{FC359945-43B2-11E2-8462-1C6F65A8C59A}");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={FC35[...]
Found : user_pref("sweetim.toolbar.version", "1.9.0.0");

*************************

AdwCleaner[R1].txt - [19314 octets] - [08/03/2013 08:31:37]

########## EOF - C:\AdwCleaner[R1].txt - [19375 octets] ##########

[Márty84]

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Delete
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[annajet]

Log po delete z AdwCleaneru:
# AdwCleaner v2.114 - Logfile created 03/08/2013 at 21:40:19
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Doma - DOMA-PC
# Boot Mode : Normal
# Running from : C:\Users\Doma\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Doma\AppData\Local\APN
Folder Deleted : C:\Users\Doma\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Doma\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\extensions\toolbar@ask.com
Folder Deleted : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\SweetPacksToolbarData
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Folder Deleted : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={FC359945-43B2-11E2-8462-1C6F65A8C59A} --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\prefs.js

Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={FC359945-43B2-11E2-8462-1C6F[...]
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Deleted : user_pref("extensions.asktb.cbid", "^U3");
Deleted : user_pref("extensions.asktb.config-updated", true);
Deleted : user_pref("extensions.asktb.crumb", "2013.02.09+12.03.55-toolbar014iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Deleted : user_pref("extensions.asktb.displaybehavior", "");
Deleted : user_pref("extensions.asktb.displaytext", "");
Deleted : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.sweetim.com/search.asp?src=2&ba[...]
Deleted : user_pref("extensions.asktb.ff19-config-first-run", "true");
Deleted : user_pref("extensions.asktb.first-restart-after-config-update", true);
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Deleted : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1362697289648");
Deleted : user_pref("extensions.asktb.locale", "en_EU");
Deleted : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Deleted : user_pref("extensions.asktb.lstation", "");
Deleted : user_pref("extensions.asktb.new-tab-opt-out", true);
Deleted : user_pref("extensions.asktb.news-native-on", true);
Deleted : user_pref("extensions.asktb.o", "100000027");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.pstate", "");
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "19");
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Deleted : user_pref("extensions.asktb.socialmini-first", true);
Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Deleted : user_pref("extensions.asktb.to", "");
Deleted : user_pref("extensions.asktb.v", "3.15.15.100013");
Deleted : user_pref("extensions.asktb.volume", "");
Deleted : user_pref("extensions.enabledAddons", "%7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0,%7Bea61440[...]
Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1362682584772");
Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10002");
Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.newtab.created", "true");
Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{FC359945-43B2-11E2-8462-1C6F65A8C59A}");
Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={FC35[...]
Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");

*************************

AdwCleaner[R1].txt - [19427 octets] - [08/03/2013 08:31:37]
AdwCleaner[S1].txt - [19710 octets] - [08/03/2013 21:40:19]

########## EOF - C:\AdwCleaner[S1].txt - [19771 octets] ##########


A log z MBAM:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.08.15

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Doma :: DOMA-PC [administrátor]

8.3.2013 21:51:08
mbam-log-2013-03-08 (21-51-08).txt

Typ: Kompletní kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 323099
Uplynulý čas: 38 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Márty84]

MBAM muzete odinstalovat.



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[annajet]

Zde je log :

RogueKiller V8.5.2 [Mar 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Doma [Práva správce]
Mód : Kontrola -- Datum : 03/09/2013 17:13:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 60975085cfbc049486e4cd48d496f42f
[BSP] f92152b838929839e730925ed4660011 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953766 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD321KJ ATA Device +++++
--- User ---
[MBR] 6cf158f2f457f2a988137bcf82666767
[BSP] 56272ea6a7a079a2159ef6e70dd05e7a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 305243 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03092013_02d1713.txt >>
RKreport[1]_S_03092013_02d1713.txt

[Márty84]

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.

[annajet]

prvni log:
RogueKiller V8.5.2 [Mar 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Doma [Práva správce]
Mód : Kontrola -- Datum : 03/09/2013 17:13:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] 60975085cfbc049486e4cd48d496f42f
[BSP] f92152b838929839e730925ed4660011 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953766 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SAMSUNG HD321KJ ATA Device +++++
--- User ---
[MBR] 6cf158f2f457f2a988137bcf82666767
[BSP] 56272ea6a7a079a2159ef6e70dd05e7a : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 305243 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03092013_02d1713.txt >>
RKreport[1]_S_03092013_02d1713.txt

Druhy log:
RogueKiller V8.5.2 [Mar 9 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Doma [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/09/2013 21:11:27
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03092013_02d2111.txt >>
RKreport[1]_S_03092013_02d1713.txt ; RKreport[2]_S_03092013_02d2109.txt ; RKreport[3]_D_03092013_02d2110.txt ; RKreport[4]_H_03092013_02d2111.txt

[Márty84]

Dejte novy log z RSIT.

Co mozilla? Jde spustit?

[annajet]

Pom poklepání na ikonu se Mozillla otevře cca do minuty, ale stránka se načítá nejmíň 5 min . Takže vše provádím v Exploreru, který se sice načítá též pomaleji, ale funguje. Zde nový log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Doma at 2013-03-10 10:48:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 189 GB (62%) free of 305 GB
Total RAM: 3959 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:49:02, on 10.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\trend micro\Doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9019 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe"
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart B110 series#1349600517" -Startup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {84F3F56E-65F9-4260-B1D6-34AEFC12FFF9}
"C:\Users\Doma\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default

prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.171 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Doma\AppData\Roaming\Mozilla\Firefox\Profiles\musx4yle.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 906408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-02-28 1497560]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 906408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-28 1224568]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-08-30 603816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-08-30 1127592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-28 4767304]
"ZoneAlarm"=C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [2012-08-29 73392]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-08 21:40:19 ----A---- C:\AdwCleaner[S1].txt
2013-03-08 21:37:36 ----D---- C:\Users\Doma\AppData\Roaming\Malwarebytes
2013-03-08 21:28:32 ----D---- C:\ProgramData\Malwarebytes
2013-03-08 08:31:37 ----A---- C:\AdwCleaner[R1].txt
2013-03-07 21:24:37 ----D---- C:\Program Files\trend micro
2013-03-07 21:24:32 ----D---- C:\rsit
2013-03-04 22:36:21 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-04 22:36:20 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-02-27 03:00:40 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-02-27 03:00:40 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-02-27 03:00:40 ----A---- C:\Windows\system32\UIAnimation.dll
2013-02-27 03:00:40 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-02-27 03:00:36 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-02-27 03:00:36 ----A---- C:\Windows\system32\WMPhoto.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-27 03:00:33 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-27 03:00:33 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-02-27 03:00:33 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-02-27 03:00:33 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-02-27 03:00:33 ----A---- C:\Windows\system32\d3d10warp.dll
2013-02-27 03:00:33 ----A---- C:\Windows\system32\d3d10_1.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-27 03:00:32 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-02-27 03:00:32 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\dxgi.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\d3d10level9.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\d3d10core.dll
2013-02-27 03:00:32 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-02-27 03:00:31 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-02-27 03:00:31 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-02-27 03:00:31 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-02-27 03:00:31 ----A---- C:\Windows\system32\XpsPrint.dll
2013-02-27 03:00:31 ----A---- C:\Windows\system32\d3d11.dll
2013-02-27 03:00:31 ----A---- C:\Windows\system32\d3d10.dll
2013-02-27 03:00:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-02-27 03:00:30 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-02-27 03:00:30 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-02-27 03:00:30 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-27 03:00:30 ----A---- C:\Windows\system32\FntCache.dll
2013-02-27 03:00:30 ----A---- C:\Windows\system32\DWrite.dll
2013-02-27 03:00:29 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-02-27 03:00:29 ----A---- C:\Windows\system32\d2d1.dll
2013-02-27 03:00:28 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-02-24 18:25:34 ----D---- C:\Users\Doma\AppData\Roaming\LegacyGames
2013-02-20 21:44:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-02-15 03:01:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-02-15 03:01:38 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-15 03:01:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-02-15 03:01:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-02-15 03:01:36 ----A---- C:\Windows\system32\ieui.dll
2013-02-15 03:01:35 ----A---- C:\Windows\SYSWOW64\url.dll
2013-02-15 03:01:35 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-02-15 03:01:35 ----A---- C:\Windows\system32\url.dll
2013-02-15 03:01:35 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-15 03:01:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-02-15 03:01:34 ----A---- C:\Windows\system32\urlmon.dll
2013-02-15 03:01:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-02-15 03:01:33 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-15 03:01:33 ----A---- C:\Windows\system32\jscript9.dll
2013-02-15 03:01:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-02-15 03:01:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-02-15 03:01:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-02-15 03:01:31 ----A---- C:\Windows\system32\wininet.dll
2013-02-15 03:01:31 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-15 03:01:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-02-15 03:01:30 ----A---- C:\Windows\system32\vbscript.dll
2013-02-15 03:01:30 ----A---- C:\Windows\system32\jscript.dll
2013-02-15 03:01:30 ----A---- C:\Windows\system32\iertutil.dll
2013-02-15 03:01:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-02-15 03:01:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-02-15 03:01:25 ----A---- C:\Windows\system32\mshtml.dll
2013-02-15 03:01:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-02-15 03:01:24 ----A---- C:\Windows\system32\ieframe.dll
2013-02-14 19:22:59 ----D---- C:\Users\Doma\AppData\Roaming\Systweak
2013-02-14 19:22:56 ----A---- C:\Windows\system32\roboot64.exe
2013-02-14 19:22:24 ----D---- C:\Program Files (x86)\PANDORA.TV
2013-02-14 11:45:20 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-14 11:45:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-02-14 11:45:17 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-02-14 11:45:11 ----A---- C:\Windows\system32\win32k.sys
2013-02-14 11:45:08 ----A---- C:\Windows\system32\winsrv.dll
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-02-14 11:45:07 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-02-14 11:45:06 ----A---- C:\Windows\SYSWOW64\user.exe
2013-02-14 11:45:02 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-02-14 11:45:02 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS

======List of files/folders modified in the last 1 month======

2013-03-10 10:49:01 ----D---- C:\Windows\Temp
2013-03-10 10:49:00 ----D---- C:\Windows\Prefetch
2013-03-10 10:27:30 ----D---- C:\Windows\inf
2013-03-10 10:27:30 ----D---- C:\Windows
2013-03-10 09:38:07 ----D---- C:\Windows\system32\config
2013-03-09 16:59:26 ----D---- C:\Windows\system32\drivers
2013-03-09 10:02:48 ----D---- C:\Windows\system32\catroot2
2013-03-08 21:40:27 ----SHD---- C:\Windows\Installer
2013-03-08 21:40:26 ----RD---- C:\Program Files (x86)
2013-03-08 21:40:26 ----HD---- C:\ProgramData
2013-03-08 21:09:09 ----SHD---- C:\System Volume Information
2013-03-08 08:43:47 ----HD---- C:\Config.Msi
2013-03-08 08:30:38 ----D---- C:\Users\Doma\AppData\Roaming\HpUpdate
2013-03-08 00:17:34 ----D---- C:\Users\Doma\AppData\Roaming\uTorrent
2013-03-07 23:29:52 ----D---- C:\ProgramData\AlawarWrapper
2013-03-07 21:24:37 ----RD---- C:\Program Files
2013-03-06 23:30:20 ----D---- C:\Windows\SysWOW64
2013-03-04 22:36:22 ----D---- C:\Windows\system32\Tasks
2013-02-28 09:35:43 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-28 00:47:52 ----D---- C:\Windows\rescache
2013-02-27 03:19:20 ----D---- C:\Windows\winsxs
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\it-IT
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\es-ES
2013-02-27 03:17:29 ----D---- C:\Windows\SYSWOW64\el-GR
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\en-US
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\de-DE
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\da-DK
2013-02-27 03:17:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-02-27 03:17:28 ----D---- C:\Windows\system32\pt-BR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\zh-TW
2013-02-27 03:17:27 ----D---- C:\Windows\system32\zh-HK
2013-02-27 03:17:27 ----D---- C:\Windows\system32\tr-TR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\sv-SE
2013-02-27 03:17:27 ----D---- C:\Windows\system32\pt-PT
2013-02-27 03:17:27 ----D---- C:\Windows\system32\pl-PL
2013-02-27 03:17:27 ----D---- C:\Windows\system32\nl-NL
2013-02-27 03:17:27 ----D---- C:\Windows\system32\ko-KR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\it-IT
2013-02-27 03:17:27 ----D---- C:\Windows\system32\hu-HU
2013-02-27 03:17:27 ----D---- C:\Windows\system32\fr-FR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\fi-FI
2013-02-27 03:17:27 ----D---- C:\Windows\system32\es-ES
2013-02-27 03:17:27 ----D---- C:\Windows\system32\el-GR
2013-02-27 03:17:27 ----D---- C:\Windows\system32\de-DE
2013-02-27 03:17:27 ----D---- C:\Windows\system32\cs-CZ
2013-02-27 03:17:26 ----D---- C:\Windows\system32\zh-CN
2013-02-27 03:17:26 ----D---- C:\Windows\system32\ru-RU
2013-02-27 03:17:26 ----D---- C:\Windows\system32\nb-NO
2013-02-27 03:17:26 ----D---- C:\Windows\system32\ja-JP
2013-02-27 03:17:26 ----D---- C:\Windows\system32\en-US
2013-02-27 03:17:26 ----D---- C:\Windows\system32\da-DK
2013-02-27 03:17:26 ----D---- C:\Windows\System32
2013-02-27 03:01:52 ----D---- C:\Windows\system32\catroot
2013-02-26 23:05:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-02-24 13:11:24 ----D---- C:\Program Files (x86)\Alawarhry.cz
2013-02-24 12:37:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-22 22:37:54 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-02-22 22:37:54 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-02-21 15:56:21 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-02-19 16:07:18 ----D---- C:\Windows\Tasks
2013-02-17 12:47:15 ----D---- C:\Windows\debug
2013-02-15 03:36:58 ----D---- C:\Windows\Microsoft.NET
2013-02-15 03:36:32 ----RSD---- C:\Windows\assembly
2013-02-15 03:26:42 ----D---- C:\Windows\SYSWOW64\migration
2013-02-15 03:26:42 ----D---- C:\Windows\AppPatch
2013-02-15 03:26:42 ----D---- C:\Program Files (x86)\Internet Explorer
2013-02-15 03:26:41 ----D---- C:\Windows\system32\migration
2013-02-15 03:26:41 ----D---- C:\Program Files\Internet Explorer
2013-02-15 03:10:47 ----D---- C:\ProgramData\Microsoft Help
2013-02-15 03:08:16 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-02-28 65408]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-02-28 177672]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-01-09 460888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-02-28 71064]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-02-28 1025880]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-02-28 377992]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-02-28 68992]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2012-01-09 485680]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 454232]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-02-28 33472]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-08-30 33712]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 27136]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2011-09-16 32360]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2011-06-15 58472]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-02-28 45248]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-08-30 827560]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2012-08-29 2445880]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-26 251248]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-02-20 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-10-04 1255736]

-----------------EOF-----------------

[Márty84]

Pouzivate neco od Kaspersky? Bezi vam tam jeho ovladace



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
AdobeARMservice
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"GrooveMonitor"=-
"HP Software Update"=-
"QuickTime Task"=-
""=-

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[annajet]

Od Kasperki nic nemáme, mamče jsem instalovala pouze Avast a Zone Alarm, tak nevím, proč mi tam běží:(. Bohužel zatím je vše beze změny, trochu funguje explorer, mozilla vubec. Zde je log:
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Doma
->Temp folder emptied: 3453081 bytes
->Temporary Internet Files folder emptied: 2475863 bytes
->Java cache emptied: 3489449 bytes
->FireFox cache emptied: 118189347 bytes
->Flash cache emptied: 1203 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3516797 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 4778762 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46424510 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 174,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Doma
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0347C33E-8762-4905-BF09-768834316C61}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 03112013_115023

Files moved on Reboot...
C:\Users\Doma\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Doma\AppData\Local\Temp\~DFD43EB8F5B5932654.TMP moved successfully.
C:\Users\Doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JQTL3106\afr[1].htm moved successfully.
C:\Users\Doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3O8DJ7WW\viewtopic[1].htm moved successfully.
C:\Users\Doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\Windows\temp\ZLT07184.TMP moved successfully.

Registry entries deleted on Reboot...

[Márty84]

OK, podivame se hloubeji.


Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte




Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[annajet]

Crystal disk:
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2013/03/11 12:26:19

-- Controller Map ----------------------------------------------------------
+ ATA Channel 1 (1) [ATA]
- SAMSUNG HD321KJ ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
+ ATA Channel 1 (1)
- ASUS DRW-24B5ST ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- SAMSUNG HD103SJ ATA Device
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HD103SJ : 1000,2 GB [0/0/0, pd1]
(2) SAMSUNG HD321KJ : 320,0 GB [1/1/0, pd1]

----------------------------------------------------------------------------
(1) SAMSUNG HD103SJ
----------------------------------------------------------------------------
Model : SAMSUNG HD103SJ
Firmware : 1AJ10001
Serial Number : S246J90B335635
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300
Power On Hours : 800 hod.
Power On Count : 1355 krát
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _71 _68 _25 000000002272 Čas na roztočení ploten
04 _98 _98 __0 000000000830 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000000320 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 252 252 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 00000000054B Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000003 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _57 _52 __0 00300010002B Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
DF 252 252 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 100 100 __0 000000000835 Počet cyklů načítání/vymazání

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 5332 3436 4A39 3042 3333 3335 3335 2020 2020 2020
020: 0000 FFFF 0004 3141 4A31 3031 3031 5341 4D53 554E
030: 4720 4844 3130 3353 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 004C 0040
080: 01FF 0028 746B 7F69 4123 BC41 BC41 4123 207F 004B
090: 004B 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 4000 4000 0000 5002 4E92
110: 04DA A307 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003F 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 ECA5

----------------------------------------------------------------------------
(2) SAMSUNG HD321KJ
----------------------------------------------------------------------------
Model : SAMSUNG HD321KJ
Firmware : CP100-12
Serial Number : S0MQJ1NPB10930
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3b
Transfer Mode : SATA/300
Power On Hours : 12925 hod.
Power On Count : 2973 krát
Temparature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 100 100 _15 0000000015C0 Čas na roztočení ploten
04 _94 _94 __0 0000000018B1 Počet spuštění/zastavení
05 253 253 _10 000000000000 Počet přemapovaných sektorů
07 253 253 _51 000000000000 Počet chybných hledání
08 253 253 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 00000000327D Hodin v činnosti
0A 253 253 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000B9D Počet cyklů zapnutí zařízení
0D 100 100 __0 00000052993E Počet pokusů o softvérové opravení chyb při čtení programů z disku
BB _91 _91 __0 00000000000A Ohlášeno neopravitelných chyb
BC 253 253 __0 000000000000 Časový limit příkazu
BE _60 _53 __0 000000000028 Teplota toku vzduchu
C2 118 _94 __0 000000000028 Teplota
C3 100 100 __0 00000052993E Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 100 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 100 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 253 __0 000000000000 Počet chyb při směrování údajů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 003F 003F 0000 0000 0000
010: 5330 4D51 4A31 4E50 4231 3330 3330 2020 2020 2020
020: 0003 8000 0004 4350 3130 3132 3132 5341 4D53 554E
030: 4720 4844 3332 314B 4A20 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0706 0706 0000 004C 0040
080: 01F8 0052 746B 7F01 4123 BC01 BC01 4123 20FF 0038
090: 0038 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 0000 5000 0F00
110: 1BB1 0930 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: FFFF 0400 0E00 0003 0000 0300 0300 2400 6B20 3431
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003F 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 ACA5